Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1676065-1)
SAP Support Packages
(ENGINEAPI_710_SP013_000003, ENGINEAPI_710_SP014_000001, ENGINEAPI_710_SP015_000000, ENGINEAPI_710_SP999999_999999, ENGINEAPI_711_SP008_000005, ENGINEAPI_711_SP009_000002, ENGINEAPI_711_SP010_000000, ENGINEAPI_711_SP999999_999999, J2EE_ENGINE_SERVERCORE_710_SP013_000005, J2EE_ENGINE_SERVERCORE_710_SP014_000002, J2EE_ENGINE_SERVERCORE_710_SP015_000000, J2EE_ENGINE_SERVERCORE_710_SP999999_999999, J2EE_ENGINE_SERVERCORE_711_SP008_000008, J2EE_ENGINE_SERVERCORE_711_SP009_000002, J2EE_ENGINE_SERVERCORE_711_SP010_000000, J2EE_ENGINE_SERVERCORE_711_SP999999_999999, SAP_J2EE_ENGINE_640_SP029_000003, SAP_J2EE_ENGINE_640_SP030_000000, SAP_J2EE_ENGINE_640_SP999999_999999, SAP_J2EE_ENGINE_700_SP027_000000, SAP_J2EE_ENGINE_700_SP999999_999999, SAP_J2EE_ENGINE_701_SP011_000001, SAP_J2EE_ENGINE_701_SP012_000000, SAP_J2EE_ENGINE_701_SP999999_999999, SAP_J2EE_ENGINE_702_SP010_000003, SAP_J2EE_ENGINE_702_SP012_000000, SAP_J2EE_ENGINE_702_SP999999_999999, SAP_J2EE_ENGINE_CORE_640_SP030_000000, SAP_J2EE_ENGINE_CORE_640_SP999999_999999, SAP_J2EE_ENGINE_CORE_700_SP025_000008, SAP_J2EE_ENGINE_CORE_700_SP026_000002, SAP_J2EE_ENGINE_CORE_700_SP027_000000, SAP_J2EE_ENGINE_CORE_700_SP999999_999999, SAP_J2EE_ENGINE_CORE_701_SP010_000010, SAP_J2EE_ENGINE_CORE_701_SP011_000001, SAP_J2EE_ENGINE_CORE_701_SP012_000000, SAP_J2EE_ENGINE_CORE_701_SP999999_999999, SAP_J2EE_ENGINE_CORE_702_SP010_000005, SAP_J2EE_ENGINE_CORE_702_SP011_000001, SAP_J2EE_ENGINE_CORE_702_SP012_000000, SAP_J2EE_ENGINE_CORE_702_SP999999_999999)
Описание
Every assertion ticket is created for a certain system. The Web AS Java accepts assertion tickets that were issued for another system which may prove to be insecure, even if it would be extremely difficult for anyone to abuse this. Therefore starting with the releases mentioned in this note the Web AS Java will by default reject any assertion ticket that was not created specifically for itself, even if a valid trust relation exists.
Как исправить
Update the Web AS Java to the latest patch of the respective release as described in the "SP Patch Level" section of the note or upgrade the whole stack to the latest SP available on the SAP Service Marketplace.
This new behaviour is controlled by a UME property named "login.assertion.ticket.validate_recipient". By default its value is set to "true", which means that the Web AS Java will reject assertion tickets issued for another systems, and it is strongly advised that it remain unchanged. However, if you have serious reasons you can change its value to "false" which will revert back to the old behaviour.
This new behaviour is controlled by a UME property named "login.assertion.ticket.validate_recipient". By default its value is set to "true", which means that the Web AS Java will reject assertion tickets issued for another systems, and it is strongly advised that it remain unchanged. However, if you have serious reasons you can change its value to "false" which will revert back to the old behaviour.
Ссылки