Skip to main content

SAP reveals security holes in certain cloud products

(Image credit: SAP)

German software giant SAP has announced its plans to notify nine percent of its 440,000 customers regarding recently discovered security issues with several of its cloud-based products.

The products in question include the likes of SAP Success Factors, SAP Concur, SAP/CallidusCloud Commissions, SAP/Callidus Cloud CPQ, SAP C4C/Sales Cloud, SAP Cloud Platform, and SAP Analytics Cloud.

In a recently published advisory, SAP explained that the security issues were discovered during an internal review, saying:

“These findings were not identified in response to a security incident. As SAP continues with its review, it does not believe that any customer data has been compromised as a result of these issues. In an effort to ensure that the affected products meet relevant terms and conditions and in addition to technical remediation, SAP has decided to update its security-related terms and conditions.” 

Security issues

SAP did not explain the nature of the security issues it found in its cloud-based products as they have yet to be fixed. However, it has already begun working on remediation efforts to patch all of the impacted products which should receive security updates during Q2.

While SAP has already adjusted its revenue to account for the coronavirus pandemic, the company said that the cost of these security updates will likely not impact its current 2020 financial outlook.

SAP has also begun individually notifying each of its affected customers and the number of those impacted by the security issues in its cloud-based products is believed to be close to 40,000.

Via ZDNet