• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1488406

Главная Специалистам База уязвимостей Не установлено обновление Note 1488406

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1488406-2)
Описание
The user account TMSADM is required by the Transport Management System  (TMS) for the communication infrastructure. It is created with a fixed  password during the configuration of the TMS in client 000 of every  system involved. This allows read access to information provided by TMS. This includes the contents of transport directories.
Как исправить
1. Make possible at least the use of the new standard password as of Release 4.6C. The user account TMSADM will therefore comply with complex password rules. For compatibility reasons, the password length is 8 characters. For more information about this, see Note 761637.

2. To further improve the protection, you should define your own TMSADM password for the TMS landscape.

2.1. In addition, avoid landscapes in which systems of various releases are permanently linked via TMS. This relates to problems with the creation of your own TMSADM password (see Note 1023437). You should place the systems of these landscapes with the same release in separate TMS domains.

2.2. Define your own password for the user account TMSADM. The prerequisites and procedure are described in Note 761637 for all releases as of Release 4.6C.

2.3. Since the procedure of 2.2 requires a lot of manual effort, there is a help tool that can be used for a large number of landscapes without domain links. Proceed as described in Note 1414256 for this.
You can also use external systems for the occasional exchange of transport requests between domains.
Ссылки