Old SAP vulnerability scares Homeland Security

The Department of Homeland Security has issued an alert about a 6-year-old SAP vulnerability that’s still being exploited enough that DHS deems it worthy of special note.

But the responsibility for being vulnerable lies with SAP users. “This is a responsibility that falls on SAP customers’ information security teams, service providers and external audit firms,” according to an FAQ about the vulnerability that was put out by Onapsis, an SAP-security vendor.

And the company is right. The fixes should have been applied by now.

To read this article in full or to leave a comment, please click here

Old SAP vulnerability scares Homeland Security

Share This