• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1485029

Главная Специалистам База уязвимостей Не установлено обновление Note 1485029

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1485029-6) SAP Support Packages (SAPKB46B62, SAPKB46C61, SAPKB62069, SAPKB64027, SAPKB70023, SAPKB70108, SAPKB70205, SAPKB71011, SAPKB71106, SAPKB72004, SAPKH45B67)
Описание
Как исправить
Install the assigned support package. In order to do the correction manually, perform the following steps:
1. In all clients, call transaction SE54, set the radio button to "Authorization Groups" and press the button "Create/Change".
Create a new entry via button "New entry"(<F5>) with the values
AuGr SPSE
Description PSE files
and save the new record (transport request is needed).
2. Change the following attributes of table SSF_PSE_D.
a) In NW release 6.40 or newer, call transaction SE11 and display table SSF_PSE_D. Navigate via menu "Utilities-Assign Authorization Group" and change the existing value in column "Authorization" to SPSE. If there is no entry you have to create an entry for that table to assign the authority group SPSE. Save the new/changed entry and if the message "Choose the key from the allowed namespace" occurs you have to press enter to continue.
b) In NW release 6.20 or older, start SM30 view maintenace of table view V_DDAT_54 and insert the following line: SSF_PSE_D SPSE PSE-Files
3. Call transaction SE11 again to change the database table SSF_PSE_D. On tab "Delivery and Maintenance", set Data Browser/Table View Maint. = "Display/Maintenance not Allowed" and activate the table after your changes.
4. Verify your authorization concept regarding the new table authorization group. Make sure no user is granted generic table access to tables with authorization group SPSE.

Report RSUSR002 can be used for this purpose. Start the report and enter authorization object S_TABU_DIS in frame "Selection by values", press <Enter> and add the value "SPSE" in the search field for authorization group and let the report run. To find the responsible roles or profiles for the result list you can use the SUIM reports for these areas in the same way.
------------------------------------------------------------------------
|Manual Pre-Implement. |
------------------------------------------------------------------------
|VALID FOR |
|Software Component SAP_BASIS SAP Basis compo...|
| Release 610 All Support Package Levels |
| Release 46C Until SAPKB46C60 |
| Release 46B Until SAPKB46B61 |
| Release 46A Until SAPKB46A34 |
| Release 46D All Support Package Levels |
| Release 620 Until SAPKB62068 |
| Release 640 Until SAPKB64026 |
| Release 700 Until SAPKB70022 |
| Release 710 Until SAPKB71010 |
| Release 711 Until SAPKB71105 |
| Release 701 Until SAPKB70107 |
| Release 702 Until SAPKB70204 |
| Release 720 Until SAPKB72003 |
------------------------------------------------------------------------

Verify the table group assignments for the tables listed in the solution description of the note.
Because SAP can only deliver new values for table TDDAT it can be, that you have to maintain already existing entries like the desciption for the manual implementation of the note.

Verify your authorization concept like the note solution description to complete the implementation of that note.
Ссылки