Applications including SuccessFactors, Concur, and Callidus don’t meet security standards, company says
Business software vendor SAP is working to correct unspecified security flaws and shortcomings discovered in several of its major cloud-based application suites. The problem is mostly a failure of these products to meet SAP’s security standards, according to a Bloomberg report.
The Lowdown: The defective products include human resources applications under SuccessFactors, expense management applications under Concur, and sales management applications under Callidus Software. Additional security problems exist in SAP’s C4C/Sales Cloud, Cloud Platform, and Analytics Cloud products.
The Details: SAP did not specify the nature of the security problems or shortcomings, only that the noted applications did not meet its security standards. SAP told Bloomberg it will correct the vulnerabilities in the second quarter to meet contractual and regulatory obligations.
The Impact: SAP says the security flaws affect 9%, or nearly 40,000, of customers. No reported security breaches or compromises resulted from the vulnerabilities.
Background: Most of the subpar applications come from companies SAP acquired over the past 10 years. According to Bloomberg, SAP struggled with transitioning and updating the base code and infrastructure of its acquisitions, resulting in the security flaws.