SAP Releases Security Update for NetWeaver Knowledge Management

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

SAP SE has released a security update to address a cross-site scripting vulnerability in NetWeaver Knowledge Management [CVE-2020-6284]. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the SAP One Support Launchpad and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

SAP Releases Security Update for NetWeaver Knowledge Management

Please share your thoughts