SAP admits cybersecurity issues with its cloud products

Business software supplier SAP said several of its cloud-computing products do not meet the company’s cybersecurity standards, Bloomberg reported.
SAPThe vulnerabilities affect 9 percent of SAP’s 440,000 customers, the Walldorf, Germany-based company said Monday in a statement.

SAP plans to fix the problems in the second quarter to meet contractually agreed or statutory security standards. There are no known breaches or security incidents that have resulted from the shortcomings, which affect products from companies that SAP acquired, including SuccessFactors., Concur Technologies and Callidus Software.

The business software giant found similar issues with its C4C/Sales Cloud, Cloud Platform and Analytics Cloud products. The cost of improving the applications is expected to be covered within the range of SAP’s 2020 forecast, according to the company.

SAP paid more than $3 billion for SuccessFactors in 2012, upwards of $7 billion for Concur in 2014 and more than $2 billion for Callidus in 2018.

When absorbing those companies, SAP inherited their infrastructure, and has faced difficulty transitioning some subsidiaries away from using programs from its main rival Oracle.