Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

Adjusting role templates S_RS_HYBR and S_RS_LPOA added, SAP security note 1432456

Description

Symptom 1

You use the role template S_RS_RDEMO or S_RS_ROPOP to set up roles. However, after you assign the roles, the users have no authorization for HybridProviders (S_RS_HYBR) or semantically partitioned InfoProviders (S_RS_LPOA).

Symptom 2

You use the role template “S_RS_RDEAD: BI role: BI Administrator (development system)”. The template gives the assigned users the authorization for all transactions (S_TCODE = “*”). This is not advisable for security reasons.

Available fix and Supported packages

  • SAP_BW | 720 | 730
  • SAP_BW 720 | SAPKW72003 |

Affected component

    BW-WHM-DST-AUT
    Authorizations

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1432456

TAGS

#RSS
#RSBB_AUTHORITY_CHECK
#semantically-partitioned-object
#SPO

Explore More

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.