SAP patches multiple vulnerabilities in the Business Technology Platform, including a critical elevation of privilege bug.
December 12, 2023 By Ionut Arghire
German enterprise software maker SAP on Tuesday announced the release of 15 new and two updated security notes as part of its December 2023 Security Patch Day.
Four of the December 2023 security notes have a severity rating of ‘hot news’, the highest in the company’s notebook, but three of them are updates to previously released notes.
The new hot news security note deals with multiple vulnerabilities in SAP Business Technology Platform (BTP), the most severe of which is a critical-severity elevation of privilege flaw.
Tracked as CVE-2023-49583 (CVSS score of 9.1), the issue was identified in the BTP Security Services Integration Libraries, which simplify the integration of BTP security services and other identity services.