SAP Knowledge Base Article - Preview

3601509 - CVE in former SAP Business Client versions

Symptom

This KBA is to confirm that the following vulnerabilities in the SAP Business Client were formerly corrected in the following patch level:

 

  • CVE-2018-2398 is exploitable in SAP Business Client version 6.5 until (including) 6.5 Patch 4. SAP Business Client 6.0 is not affected by this vulnerability.
    The vulnerability was corrected in 6.5 Patch 5. Later versions are not affected.

 

  • CVE-2020-6228 is exploitable in SAP Business Client versions 6.0 (all patches), 6.5 until (including) 6.5 Patch 19 and 7.0 until (including) 7.0 Patch 6.
    Release 6.0 was already out of maintenance, when this issue was detected. The vulnerability was corrected in 6.5 Patch 20 and 7.0 Patch 7. Later versions are not affected.

 

  • CVE-2020-6244 is exploitable in SAP Business Client versions 6.0 (all patches), 6.5 (all patches) and 7.0 until (including) 7.0 Patch 9.
    Releases 6.0 and 6.5 were already out of maintenance, when this issue was detected. The vulnerability was corrected in 7.0 Patch 10. Later versions are not affected.

 

  • CVE-2021-38150 is exploitable only in SAP Business Client versions 6.0 (all patches), 6.5 (all patches), 7.0 until (including) 7.0 Patch 20 and 7.70 until (including) 7.70 Patch 5.
    Release 6.0 and 6.5 were already out of maintenance, when this issue was detected. The vulnerability was corrected in 7.0 Patch 21 and 7.70 Patch 6. Later versions are not affected.

 

Please note that all subsequent SAP Business Client versions (e.g version 8.00) already include a fix and are therefore not affected by the vulnerabilities listed.

 

At the time this KBA is been written, please be informed that the SAP Business Client 8.00 version is the only version currently supported.

 

For more information, please refer to SAP note 2302074 - Maintenance strategy and deadlines for SAP Business Client / NWBC

 

Historic versions of SAP Business Client:

 

Release Date

Released Version

25 April 2025

SAP Business Client 8.00 PL19

3 April 2025

SAP Business Client 8.00 PL18

21 February 2025

SAP Business Client 8.00 PL17

17 January 2025

SAP Business Client 8.00 PL16

8 November 2024

SAP Business Client 8.00 PL15

20 September 2024

SAP Business Client 8.00 PL14

26 July 2024

SAP Business Client 8.00 PL13

14 June 2024

SAP Business Client 8.00 PL12

2 May 2024

SAP Business Client 8.00 PL11

5 April 2024

SAP Business Client 8.00 PL10
SAP Business Client 7.70 PL30

23 February 2024

SAP Business Client 8.00 PL09
SAP Business Client 7.70 PL29

12 January 2024

SAP Business Client 8.00 PL08
SAP Business Client 7.70 PL28

24 November 2023

SAP Business Client 8.00 PL07
SAP Business Client 7.70 PL27

6 October 2023

SAP Business Client 8.00 PL06
SAP Business Client 7.70 PL26

25 August 2023

SAP Business Client 8.00 PL05
SAP Business Client 7.70 PL25

11 July 2023

SAP Business Client 8.00 PL04
SAP Business Client 7.70 PL24

28 June 2023

SAP Business Client 8.00 PL03
SAP Business Client 7.70 PL23

5 May 2023

SAP Business Client 8.00 PL02
SAP Business Client 7.70 PL22

24 March 2023

SAP Business Client 8.00 PL01
SAP Business Client 7.70 PL21

27 January 2023

SAP Business Client 8.00 PL00
SAP Business Client 7.70 PL20

8 December 2022

SAP Business Client 7.70 PL19

14 October 2022

SAP Business Client 7.70 PL18

19 September 2022

SAP Business Client 7.70 PL17

19 August 2022

SAP Business Client 7.70 PL16

8 July 2022

SAP Business Client 7.70 PL15

13 May 2022

SAP Business Client 7.70 PL14

4 April 2022

SAP Business Client 7.70 PL13
SAP Business Client 7.0 PL26

25 March 2022

SAP Business Client 7.70 PL12
SAP Business Client 7.0 PL25

16 February 2022

SAP Business Client 7.70 PL11

28 January 2022

SAP Business Client 7.70 PL10
SAP Business Client 7.0 PL24

10 December 2021

SAP Business Client 7.70 PL9
SAP Business Client 7.0 PL23

28 October 2021

SAP Business Client 7.70 PL8

1 October 2021

SAP Business Client 7.70 PL7
SAP Business Client 7.0 PL22

13 August 2021

SAP Business Client 7.70 PL6
SAP Business Client 7.0 PL21

22 July 2021

SAP Business Client 7.70 PL5

18 June 2021

SAP Business Client 7.70 PL4
SAP Business Client 7.0 PL20

7 May 2021

SAP Business Client 7.70 PL3
SAP Business Client 7.0 PL19

26 March 2021

SAP Business Client 7.70 PL2
SAP Business Client 7.0 PL18

12 February 2021

SAP Business Client 7.70 PL1
SAP Business Client 7.0 PL17

29 January 2021

SAP Business Client 7.70 PL0

18 January 2021

SAP Business Client 7.0 PL16

18 December 2020

SAP Business Client 7.0 PL15

6 November 2020

SAP Business Client 7.0 PL14

24 September 2020

SAP Business Client 7.0 PL13

14 August 2020

SAP Business Client 7.0 PL12

22 June 2020

SAP Business Client 7.0 PL11

15 April 2020

SAP Business Client 7.0 PL10

6 March 2020

SAP Business Client 7.0 PL9
SAP Business Client 6.5 PL22

31 January 2020

SAP Business Client 7.0 PL8
SAP Business Client 6.5 PL21

17 January 2020

SAP Business Client 7.0 PL7
SAP Business Client 6.5 PL20

21 November 2019

SAP Business Client 7.0 PL6
SAP Business Client 6.5 PL19

12 October 2019

SAP Business Client 7.0 PL5

11 October 2019

SAP Business Client 6.5 PL18

23 August 2019

SAP Business Client 7.0 PL4
SAP Business Client 6.5 PL17

12 July 2019

SAP Business Client 7.0 PL3
SAP Business Client 6.5 PL16

23 May 2019

SAP Business Client 7.0 PL2
SAP Business Client 6.5 PL15

8 April 2019

SAP Business Client 6.5 PL14

4 April 2019

SAP Business Client 7.0 PL1

25 February 2019

SAP Business Client 7.0 PL0

22 February 2019

SAP Business Client 6.5 PL13

4 January 2019

SAP Business Client 6.5 PL12

16 November 2018

SAP Business Client 6.5 PL11

5 October 2018

SAP Business Client 6.5 PL10

29 August 2018

SAP Business Client 6.5 PL9

29 June 2018

SAP Business Client 6.5 PL8

14 June 2018

SAP Business Client 6.0 PL17

9 May 2018

SAP Business Client 6.5 PL7

6 April 2018

SAP Business Client 6.5 PL6

16 March 2018

SAP Business Client 6.0 PL16

25 January 2018

SAP Business Client 6.5 PL5

29 December 2017

SAP Business Client 6.0 PL15

1 December 2017

SAP Business Client 6.5 PL4

19 October 2017

SAP Business Client 6.0 PL14

13 October 2017

SAP Business Client 6.5 PL3

25 August 2017

SAP Business Client 6.5 PL2

21 August 2017

SAP Business Client 6.0 PL13

27 June 2017

SAP Business Client 6.5 PL1

14 June 2017

SAP Business Client 6.0 PL12

10 May 2017

SAP Business Client 6.5 PL0

7 April 2017

SAP Business Client 6.0 PL11

5 February 2017

SAP Business Client 6.0 PL10

7 December 2016

SAP Business Client 6.0 PL9

12 October 2016

SAP Business Client 6.0 PL8

23 September 2016

SAP Business Client 6.0 PL7

19 August 2016

SAP Business Client 6.0 PL6

24 June 2016

SAP Business Client 6.0 PL5

29 April 2016

SAP Business Client 6.0 PL4

15 April 2016

SAP Business Client 6.0 PL3

25 February 2016

SAP Business Client 6.0 PL2

19 February 2016

SAP Business Client 6.0 PL1

28 October 2015

SAP Business Client 6.0 PL0


Read more...

Environment

SAP Business Client

Keywords

Common Vulnerabilities and Exposures, NWBC, SAP Business Client, CVE , KBA , BC-FES-BUS-DSK , SAP Business Client for Desktop , BC-FES-BUS , Netweaver Business Client , Bug Filed

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.