Enterprise Resource Planning (ERP)

ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention

  • 1.  ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention

    Posted Feb 24, 2022 05:03:00 AM

    This blog was originally published by Onapsis on February 8, 2022.

    Written by JP Perez-Etchegoyen and the Onapsis Research Labs.

    Detailed research from the Onapsis Research Labs throughout 2021 around HTTP Response Smuggling led to the recent discovery of a set of extremely critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component, which we have collectively dubbed ICMAD (Internet Communication Manager Advanced Desync), for short. This discovery will require immediate attention by most SAP customers, given the widespread usage of the vulnerable technology component in SAP landscapes around the world.

    Download the Report: Onapsis and SAP Partner to Discover and Patch Critical ICMAD Vulnerabilities

    https://cloudsecurityalliance.org/blog/2022/02/14/icmad-critical-vulnerabilities-in-sap-business-applications-require-immediate-attention/



    ------------------------------
    Shamun Mahmud
    Standards Officer, Sr. Research Analyst
    Cloud Security Alliance
    WA
    ------------------------------