SAP is in the process of fixing security flaws found in a number of its cloud-based products, the German software giant has confirmed.
According to a press release , the company identified the problems after an internal review and is now working on multiple fixes.
SAP did not publish a detailed breakdown of the flaws, but expects patches to be deployed “in the second quarter 2020.”
The products set to receive fixes are as follows:
- SAP Success Factors
- SAP Concur
- SAP/CallidusCloud Commissions
- SAP/Callidus Cloud CPQ
- SAP C4C/Sales Cloud
- SAP Cloud Platform
- SAP Analytics Cloud
Not all the affected products were originally owned and operated by SAP, but were brought into the fold following acquisitions made by the firm.
The company believes roughly nine percent of its 440,000 customers are affected by the flaws and has begun to notify vulnerable users.
Although SAP is yet to remedy the flaws, it believes they have not yet been exploited by cybercriminals in the wild.
“In an effort to ensure that the affected products meet relevant terms and conditions and in addition to technical remediation, SAP has decided to update its security-related terms and conditions. These remain in line with market peers,” it added.