• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1471069

Главная Специалистам База уязвимостей Не установлено обновление Note 1471069

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1471069-6) SAP Support Packages (EP_RUNTIME_710_SP011_000000, EP_RUNTIME_710_SP999999_999999, EP_RUNTIME_711_SP006_000000, EP_RUNTIME_711_SP999999_999999, EP_RUNTIME_720_SP004_000000, EP_RUNTIME_720_SP999999_999999, PORTAL_700_SP018_000009, PORTAL_700_SP019_000007, PORTAL_700_SP020_000007, PORTAL_700_SP021_000004, PORTAL_700_SP022_000002, PORTAL_700_SP023_000000, PORTAL_700_SP999999_999999, PORTAL_701_SP003_000009, PORTAL_701_SP004_000008, PORTAL_701_SP005_000008, PORTAL_701_SP006_000012, PORTAL_701_SP007_000002, PORTAL_701_SP008_000000, PORTAL_701_SP999999_999999, PORTAL_702_SP003_000005, PORTAL_702_SP004_000005, PORTAL_702_SP005_000000, PORTAL_702_SP999999_999999)
Описание
Prerequisites:
ABAP Security Sessions is enabled in the back-end and:
- SAP NetWeaver 7.00 SP22 and down is installed.
- SAP NetWeaver 7.01 SP7 and down is installed.
- SAP NetWeaver 7.02 SP4 and down is installed.
- SAP NetWeaver 7.10 SP10 and down is installed.
- SAP NetWeaver 7.11 SP5 and down is installed.
- SAP NetWeaver 7.20 SP3 and down is installed.
- SAP NetWeaver 7.30 SP0 is installed.
Как исправить
In order to enable the enhancement, do the following steps:
1. Navigate in the portal to the system object and open it for edit.
2. Navigate to 'connector' section.
3. Change the property 'ABAP HTTP Security Sessions Enabled' value to 'Yes'.

If patch installation was applied, than the new property ('ABAP HTTP Security Sessions Enabled') will not appear in the property editor of the system object. In order to update the system with this property follow the manual steps described in the attached document 'update_system.doc' (zipped in 'Update_System.zip').

Note: If from some reason in the back-end the ABAP HTTP Security Sessions feature is disabled this property must be reconfigured to 'No', otherwise session to the back-end will not be terminated.
Ссылки