• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1843082 - Missing authorization check in RSDUMPSOURCE

Главная Специалистам База уязвимостей Note 1843082 - Missing authorization check in RSDUMPSOURCE

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:N/AC:L/AU:S/C:P/I:N/A:NSAP)
Производитель ПО
SAP
Наименование ПО
SAP Notes (1843082-2) SAP Support Packages (SAPKB70029, SAPKB70114, SAPKB70214, SAPKB71017, SAPKB71112, SAPKB72008, SAPKB73010, SAPKB73108, SAPKB74003)
Описание
Report RSDUMPSOURCE does not contain authorization checks for checking  an authenticated user's authorization to access some of its functions.This may result in undesired system behavior.
Как исправить
Correction instruction or support package.------------------------------------------------------------------------|Manual Pre-Implement.                                                 |------------------------------------------------------------------------|VALID FOR                                                             ||Software Component   SAP_BASIS                      SAP Basis compo...|| Release 710          Until SAPKB71016                                || Release 711          SAPKB71101 - SAPKB71111                         || Release 730          SAPKB73001 - SAPKB73009                         || Release 720          SAPKB72002 - SAPKB72007                         |------------------------------------------------------------------------To avoid syntax warnings or errors regarding the usage of function module RS_ACCESS_PERMISSION, you need to add a usage declaration for package SEU to the package of report RSDUMPSOURCE:
Transaction SE21.
Package: SLDAP (7.10, 7.11, 7.20) or S_SIMTOOLS (7.30).
Change.
Dependency Control List.
Add.
Inclusion.
Package default interface.
SEU.
Save and activate.
Ссылки