• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1475075

Главная Специалистам База уязвимостей Не установлено обновление Note 1475075

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1475075-8) SAP Support Packages (SAPKITL435)
Описание
This problem is caused by an SQL injection week spot. In the source  code, an SQL statement is assembled from strings. An attacker can obtain  control of the contents of a substring. The resulting total statement  can be manipulated and therefore all SQL commands can be executed with the rights of the database user who is logged on.
Как исправить
This enhancement is integrated automatically as of SAP Solution Manager 7.01 Support Package 25.
For Support Packages lower than Support Package 25, proceed as follows:

1. Create the SECURITY log object

First use transaction SLG0 (for maintaining log objects), to create a subobject SECURITY with the subobject text "Log for SMSY Security Handling" for the object SMSY_LOG_OBJ.

2. Extend the SMSY options

2.1 Extend the SMSY_OPTION domain

Call transaction SE11 "ABAP Dictionary". Select "Domain" and enter SMSY_OPTION. Choose "Change". Go to the "Value Range" tab page and enter the following new option values at the end of the table:

Fix.Val. Short Descript.
SCUEXC_DIS Deactivation of the security check exception
SCULOG_ENA Activation of the security check log

Save and activate your changes.

2.2 Include the new domain values in SMSY_OPTIONS

Call transaction SM30 "Maintain Table Views: Initial Screen". Enter SMSY_OPTIONS in the "Table/View" field and choose "Maintain". Choose "New Entries".

Make sure that the horizontal scrollbar of the table is completely to the left and that you can see the first two columns of the table.
Fill the two new rows with the corresponding values as follows:

Column 1: Select the value SMSY_OPTIONS (Deactivation of the security check exception) using the input help.
Column 2: Manually enter the description "Deactivation of the security check exception".
Column 3: <Leave empty>
Column 4 and 5: Select the checkboxes.

Column 1: Select the value SCULOG_ENA (Activation of the security check log) using the input help.
Column 2: Manually enter the description "Activation of the security check log".
Column 3: Enter the value "X" here.
Column 4 and 5: Select the checkboxes.

Save the options that you have added.

2.3 Additional procedure and explanations of the security enhancements

Implement the attached correction instructions.

After you implement the corrections, the security checks in the SMSY landscape are active immediately and processing terminates if there is a security vulnerability. In addition, an application log is updated if there is a security vulnerability. You can use transaction SLG1 (Analyze Application Log) to display this log using the following object that was created previously:

Object: SMSY_LOG_OBJ - Log Object of System Landscape
Subobject: SECURITY - Log for SMSY Security Handling



Deactivating the log update
You can deactivate the log update by accessing the SMSY by following the menu options "Goto -> Setup System Landscape Maintenance -> Edit Menu -> Expert Settings" to set the value of the option for activating the security check log from "X" to empty.

Deactivating the security checks
You can deactivate the security checks by accessing the SMSY by following the menu options "Goto -> Setup System Landscape Maintenance -> Edit Menu -> Expert Settings" to set the value of the option for deactivating the security check exceptions from empty to "X".

Note that when you do this, security checks are no longer carried out and an attacker will be able to access and change saved data in the Solution Manager (transaction SMSY).
Ссылки