vulnerability detection for SAP
119 views
Skip to first unread message
Ahmed Abdelmajeed
Nov 17, 2022, 1:30:28 PM11/17/22
to Wazuh mailing list
Hello,
Can wazuh vulnerability detection detect SAP vulnerabilities ?
Thanks,
Ahmed
Can wazuh vulnerability detection detect SAP vulnerabilities ?
Thanks,
Ahmed
Chema Martinez
Nov 21, 2022, 8:24:38 AM11/21/22
to Wazuh mailing list
Hi Ahmed,
SAP vulnerabilities are detected in the same way as the rest of vulnerabilities taking into account that our Vulnerability Detector module is based on analyzing the installed software against vulnerability databases such as the NVD.
Taking this into account, vulnerabilities like CVE-2022-41260 and CVE-2022-41259 affecting SAP are associated with particular software, such as Financial Consolidation or SQL anywhere, as you can see in the CPEs at the end of the CVE reports.
This means that having these programs installed in your agents, the Vulnerability Detector should be able to collect them and scan the software inventory looking for vulnerabilities.
Are you concerned about any particular CVE or SAP application? In that case, just let me know and we can review that case more in detail. In addition, did you try to run the vulnerability scanner in your environment to check if the SAP vulnerabilities are detected?
Kind regards,
Chema.
Reply all
Reply to author
Forward
0 new messages