SAP takes all matters relating to our customers’ security very seriously, and we are constantly working on improving our product security measures. If you discover a potential security vulnerability in any SAP Software:
- SAP Customers: If you discover a potential security vulnerability within your SAP systems not covered by a published security note, please report this by creating a customer incident at https://support.sap.com/incident
- Security Researchers: If you discover a potential security vulnerability within any SAP software, please send the related information to the SAP Product Security Response Team at firstname.lastname@example.org, using the email template below with PGP for e-mail encryption.
- Send details as follows for us to better understand the nature and scope of the vulnerability: Vulnerability Category; Affected Product Version with SP and patch level; Necessary previous /post conditions; Vulnerability description with Proof of Concept or exploit code; Impact of the issue if exploited.