Scribd Logo
Upload

Welcome to Scribd!

  • SAP Security Notes 20111104

    Uploaded by

    Mike Brogan
    201 views4 pages

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    201 views4 pages

    SAP Security Notes 20111104

    Uploaded by

    Mike Brogan

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Number Application Area Short text Priority Released On Automatic check in EWA Link 1644143 MDM-FN-MDS Update #1 to Security

    Note 1589234 2 - Correction w ith high priority 19.10.2011 http://service.sap.com/sap/suppo rt/notes/0001644143 1640676 SCM-EM-MGR-ISQ Aktualisierung #1 zu Sicherheitshinweis 1519463 2 - Corr ection with high priority 19.10.2011 http://service.sap.com/s ap/support/notes/0001640676 1604636 EP-PCT-SRM-S Update #1 to Security Note 1511462 2 - Correction w ith high priority 11.10.2011 http://service.sap.com/sap/suppo rt/notes/0001604636 1617221 BC-CTS-CMS Unauthorized modification of stored content in CMS 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001617221 1616535 BC-CST-IC Secure configuration of ICM for the ABAP application ser ver 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001616535 1616301 FS-AM-CM Missing authorization check in Contract Management 2 - Correction with high priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001616301 1614719 IS-ADEC-ETM Missing authorization check in ETM planning 1 - HotN ews 10.10.2011 X http://service.sap.com/sap/support/notes/0001614 719 1614259 MFG-MII Command injection vulnerability in MFG-MII 3 - Correction w ith medium priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001614259 1613739 CRM-IU-MD-TO Hard coded credentials in CRM_IST_SO_GET_FIELDTAB_OLD1 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001613739 1612983 BC-WD-ABA Unauthorized use of appl. functions in mobile extension 2 - Correction with high priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001612983 1612690 BC-WD-CMP-ALV-ABA Code injection vulnerability in WD ABAP ALV 2 - Correction with high priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001612690 1612345 BC-WD-CMP-ALV-ABA Missing authorization check in WD ABAP ALV 3 - Correction with medium priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001612345 1611873 BC-CTS-CMS Verb Tampering issues in CM Services 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001611873 1611408 SD-SLS Missing authorization check in SD-SLS 2 - Correction with high priority 10.10.2011 http://service.sap.com/sap/support/notes /0001611408 1610299 BC-XI-IS-WKB Unauthorized change to contents in PI message monitoring 2 - Correction with high priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001610299 1609146 IS-H-PM Potential disclosure of persisted data in IS-H-PM 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001609146 1608454 IS-H-BD Directory traversal in IS-H-BD 2 - Correction with high priorit y 10.10.2011 http://service.sap.com/sap/support/notes/0001608 454 1608307 IS-H-PA Directory traversal in IS-H-PA, IS-H-IS-GMS, IS-H-CM-OUT 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001608307 1625893 BC-GP HTTP verb tampering issue in GP WSDLs 3 - Correction with medi um priority 10.10.2011 http://service.sap.com/sap/support/notes /0001625893 1625643 BC-BMT-BPM-DSK Verb Tampering issues in BPEM-PP 2 - Correction w

    ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001625643 1625314 BC-BMT-BRM-ENG HTTP verb tampering issue in BRMS-CORE 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001625314 1625060 IS-B-BCA-MD Missing authorization check in component IS-B-BCA 2 - Correction with high priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001625060 1624836 BC-JAS-SEC Verb Tampering issues in Web Services 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001624836 1624360 BC-CTS-DTR-SRV HTTP verb tampering issue in DI_DTR 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001624360 1624182 BC-CTS-CBS HTTP verb tampering issue in CBS 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001624182 1624092 BC-ESI-UDDI Missing authorization check in UDDI 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001624092 1623895 BC-UPG-TLS-TLJ Missing authentication check in Usage Types Viewer 3 - Correction with medium priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001623895 1622551 BC-INS-CTC-CNT Verb Tampering issues in LMCFG 1 - HotNews 10.10.20 11 http://service.sap.com/sap/support/notes/0001622551 1621070 BC-JAS-WEB Identification of SAP Web Servers through Banners 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001621070 1620914 BC-XI-IS Potential information disclosure relating to passwords 3 - Correction with medium priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001620914 1620411 BC-JAS-SEC-UME Verb Tampering issues in UMEADMIN 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001620411 1620262 PA-PF-NL Hard-coded credentials in PA-PF-NL 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001620262 1620195 CA-EPT-BCV Missing authorization check in BCV 3 - Correction w ith medium priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001620195 1617369 BC-CTS-CMS Verb Tampering issues in CMS 2 - Correction with high priority 10.10.2011 http://service.sap.com/sap/support/notes /0001617369 1607944 IS-H-CM Directory traversal in IS-H-CM 2 - Correction with high priorit y 10.10.2011 http://service.sap.com/sap/support/notes/0001607 944 1584573 BC-UPG Security verdict in SUGM SAUS SUGM_UPG_TYPE_PLUS_DEL_XML 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001584573 1580241 LOD-ESO-AS Insecure default configuration for file uploads LOD-ESO -AS 3 - Correction with medium priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001580241 1578439 BC-TWB-TST-ECA SQL Injections in eCATT (codescan results 8.02) 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001578439 1577513 BC-CCM-MON-OS Missing authorization check in FM, SAPOSCOL 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001577513 1576708 EP-EWP-SWS Unauthorized modification of stored content in EWS 2 - Correction with high priority 10.10.2011 http://service.s

    ap.com/sap/support/notes/0001576708 1567912 BC-MUS-KFM Missing authorization check in key figure monitor 3 - Correction with medium priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001567912 1567387 EP-PIN-NAV Unauthorized modification of stored content in DTN 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001567387 1566528 IS-M Directory traversal in IS-M 2 - Correction with high priorit y 10.10.2011 http://service.sap.com/sap/support/notes/0001566 528 1562171 TM-BF-AUT Information disclosure within transportation management 3 - Correction with medium priority 10.10.2011 X http://service.s ap.com/sap/support/notes/0001562171 1561295 LO-MD-BP-CM Missing authorization check in customer master data read ing 3 - Correction with medium priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001561295 1559604 FS-AM-CM-MC Missing authorization check in CMAccountPoolAM 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001559604 1554676 BW-PLA-BPS Unauthorized use of application functions in CRM plannin g 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001554676 1552798 EHS-BD Directory Traversal in EH&S 2 - Correction with high priorit y 10.10.2011 http://service.sap.com/sap/support/notes/0001552 798 1537707 BC-WD-ABA Information disclosure for Web Dynpro applications 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001537707 1507266 BW-BEX-ET Potential information disclosure relating to processes 3 - Correction with medium priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001507266 1419607 BC-XI-CON-AFW security compliance for XI/PI 3 - Correction with medi um priority 10.10.2011 http://service.sap.com/sap/support/notes /0001419607 1584857 FS-AM-CM-CA Missing authorization check in credit standing review- c ards 2 - Correction with high priority 10.10.2011 X http://s ervice.sap.com/sap/support/notes/0001584857 1607299 BC-XI Unauthorized modification of displayed content in PI Demo 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001607299 1606808 BC-BW Missing Authorization Check in obsolete RFC 2 - Correction w ith high priority 10.10.2011 http://service.sap.com/sap/suppo rt/notes/0001606808 1603536 IS-U-LIB-DE-EL EQS: Potential disclosure of persisted data in Service C lass 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001603536 1602393 FIN-FSCM-CM Hard-coded credentials in Cash Management 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001602393 1601155 CRM-ISA-SHA Unauthorized modification of displayed content in CRM-IS A 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001601155 1600585 PA-EC Unauthorized use of application functions in PA-EC 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001600585 1599565 PE-LSO-CP HTTP verb tampering issue in LSOCP (Content Player) 3 - Correction with medium priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001599565 1599378 IS-U-IDE Potential disclosure of persisted data in IS-U-IDE 2 - Correction with high priority 10.10.2011 http://service.s

    ap.com/sap/support/notes/0001599378 1598698 PA-PF-NL Potential Directory Traversal in PA-PF-NL 2 - Corr ection with high priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001598698 1594125 CRM-MD-PCT Potential disclosure of persisted data in CRM-MD-PCT 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001594125 1593294 PLM-CFO Update #1 to Security Notes 1496707 2 - Correction with high priority 10.10.2011 http://service.sap.com/sap/support/notes /0001593294 1593258 IS-U-CS-ISS Unauthorized modification of displayed content in SAP-UC ES 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001593258 1592294 BC-XI-IS-WKB Missing authorization check in SAP NetWeaver PI 3 - Corr ection with medium priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001592294 1587361 BC-JAS-ADM-MON Verb tampering issues in NWA applications 3 - Corr ection with medium priority 10.10.2011 http://service.sap.com/s ap/support/notes/0001587361 1587122 XX-PROJ-FI-CA Potential modification of persisted data in FI-CA 2 - Correction with high priority 10.10.2011 http://service.s ap.com/sap/support/notes/0001587122 1585652 BC-SRV-COM Unauthorized modification of displayed content CCS BCB a pps 2 - Correction with high priority 10.10.2011 http://s ervice.sap.com/sap/support/notes/0001585652

    You might also like