• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1513973

Главная Специалистам База уязвимостей Не установлено обновление Note 1513973

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1513973-6) SAP Support Packages (SAPK-70009INWEBCUIF, SAPK-70103INWEBCUIF, SAPK-73001INWEBCUIF)
Описание
The error is caused because the WEBCUIF start page is cached in the  browser. When the user clicks browser back the browser will not call the  server but take the page from the browser cache. From there it will load  an additional resource from the server which will result in the authentication popup (basic authentication) as no logon has been  performed since logout. Basic authentication is always cached in the  browser and therefore it will not be possible to logout any longer.

The start page is set up to not to be cached. This works well in http  but not in https. So the symptom will only occur with https.
Как исправить
Apply the corresponding support package or implement the correction instructions.

The fix will disable caching even if it is https.
Ссылки