SAP cleans up more than a dozen troubling CRM security blunders

Critical issues in SAP’s CRM application – patched on Tuesday – open the door to corporate espionage, security researchers warn. SAP resolved a total of 19 software flaws yesterday. Among the most critical bugs is an SQL injection in SAP CRM WebClient User Interface (SAP Security Note 2450979). The issue, identified by …

  1. Anonymous Coward
    Facepalm

    Security researchers and software flaws

    Such defects are unacceptable in this day and age and, in my opinion, unsuitable for today's totally connected world. I do think that at this stage, the innovators and visionaries really need to be held accountable for the quality of the software product. I mean, I thought OOP, agile, lean, scrum, waterfall, DevOps were supposed to be a cure for software defects. Or are all these methodologies a sign that current software development is in a state of crisis?

    1. Anonymous Coward
      Anonymous Coward

      Re: Security researchers and software flaws

      Best-run businesses run [FROM] SAP!

      To be fair, when you have a number of devs, in SAP's case 10k+ devs, it is hard to avoid these types of issues. You think you can do better? Why don't you go to Walldorf, they will hire you with a fat salary, really fat salary, if you know how to avoid these issues!

      1. Anonymous Coward
        Anonymous Coward

        Re: Security researchers and software flaws

        "To be fair, when you have a number of devs, in SAP's case 10k+ devs, it is hard to avoid these types of issues."

        Use a version control system to write the code and allocate two developers to each component. Have one write the code and the other test for bugs. Use a bug tracking system to report bugs. Allow the end users access to the bug tracking system. Generate nightly builds and allocate odd numbers for test builds and even numbers for stable builds. Apply all bug fixes to the latest even-numbered build and publish.

  2. Zog_but_not_the_first
    Facepalm

    Whoops!

    I read that as ... CPM security blunders and wondered if it was just a little bit too late.

    BDOS error on Zog.

    1. kain preacher
      Coat

      Re: Whoops!

      If they are still using CP/M, that's a whole nother can of worms. Grabs her coat. It's the one with the Xerox 8010 manual in it.
