Super user feature in SNC, SAP security note 1430757

Description

This SAP Note has already been released as a normal SAP Note that is not a Security Note. No further activities are required if you have already implemented this SAP Note.

SNC offers for certain UIs a super user functionality.
This means: if a buiness partner is not assigned to a user, he or she can see all data for which he or she has authorization according to the user role.

Due to security concerns this functionalty will not be supported by default anymore.

Available fix and Supported packages

SCMSNC | 510 | 510
SCMSNC | 700 | 700
SCM | 500 | 500
SCM_BASIS | 500 | 500
SCMSNC 510 | SAPK-51013INSCMSNC |
SCMSNC 700 | SAPK-70006INSCMSNC |
SCM 500 | SAPKY50019 |
SCM_BASIS 500 | SAPK-50019INSCMBASIS |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1430757

Vahagn Vardanian

Super user feature in SNC, SAP security note 1430757

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#SPP-SNC

Explore More

CVE-2025-0063 SQL Injection Vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

SAP Security Patch Day – January 2025 Overview

How to Install the RedRays ABAP Security Plugin for Eclipse

How to Install and Configure the RedRays ABAP Code Scanner Plugin for VS Code

Vahagn Vardanian

Super user feature in SNC, SAP security note 1430757

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#SPP-SNC

Explore More

CVE-2025-0063 SQL Injection Vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

SAP Security Patch Day – January 2025 Overview

How to Install the RedRays ABAP Security Plugin for Eclipse

How to Install and Configure the RedRays ABAP Code Scanner Plugin for VS Code

Special offer for SAP Security Udemy course!

$ 9.99