• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1492505

Главная Специалистам База уязвимостей Не установлено обновление Note 1492505

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1492505-8) SAP Support Packages (SAPK-60209INEAAPPL, SAPK-60210INEAAPPL, SAPK-60308INEAAPPL, SAPK-60309INEAAPPL, SAPK-60409INEAAPPL, SAPK-60410INEAAPPL, SAPK-60503INEAAPPL, SAPK-60505INEAAPPL, SAPKGPAA32, SAPKGPAB21, SAPKGPAC25, SAPKGPAD19, SAPKGPAD20, SAPKIPEI18)
Описание
Reason:
The EH&S application does not provide any virus scan function  during the report generation. This could result in undesired system behavior.


Prerequisites
For information about the validity of the corrections, see the correction instructions.
Как исправить
To upload documents from the WWI server, the customer can (de)activate a virus check using the profile /CBUI/WWI_REPORT_GEN. The check is optional. However, the profile should always be configured.

The documentation for SAP ERP or SAP NetWeaver describes the configuration of the Virus Scan Interface (VSI) in detail. You can find this description at http://help.sap.com by selecting English in the search function and by using the terms "Security Virus Scan Interface" in the search.

Alternatively, you can use the following path to navigate from http://help.sap.com:
Documentation for SAP NetWeaver
System Administration
Security Guide
In the "SAP NetWeaver Security Guide", you can find the page "Virus Protection and SAP GUI Integrity Checks" under "Security Guides for SAP NetWeaver According to Usage Types" for the usage type "Application Server (AS)".
In the section "Using the Virus Scan Interface", you can access the documentation of the virus scan interface using the link "Virus Scan Interface".
Carry out the ABAP-specific configuration of the virus scan interface as described to set up the virus search function for WWI or define an inactive profile with the name /CBUI/WWI_REPORT_GEN to deactivate the virus search function. Refer to Note 786179 for more detailed information about using the virus scan interface.

The "Reference to Support Packages" section specifies the Support Packages that contain the corrections.

Alternatively, you can implement the attached correction instructions.
Ссылки