Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

Certificate Mapping constraint “min. date” without function, SAP security note 1815228

Description

An administrator has specified the constraint “min. date” for a single certificate mapping (using the detailed view of ABAP transactions EXTID_DN or SM30 for view VUSREXTID and type DN) with the intent to prevent the usage of certificates with an attribute “valid from” prior to the specified constraint date.
The system does not prevent the usage of certificates with an attribute “valid from” prior to the specified constraint date for logon.

Available fix and Supported packages

  • KRNL32NUC | 7.20 | 7.20
  • KRNL32NUC | 7.20EXT | 7.20EXT
  • KRNL32NUC | 7.21 | 7.21
  • KRNL32NUC | 7.21EXT | 7.21EXT
  • KRNL32UC | 7.20 | 7.20
  • KRNL32UC | 7.20EXT | 7.20EXT
  • KRNL32UC | 7.21 | 7.21
  • KRNL32UC | 7.21EXT | 7.21EXT
  • KRNL64NUC | 7.20 | 7.20
  • KRNL64NUC | 7.20EXT | 7.20EXT
  • KRNL64NUC | 7.21 | 7.21
  • KRNL64NUC | 7.21EXT | 7.21EXT
  • KRNL64NUC | 7.40 | 7.40
  • KRNL64UC | 7.20 | 7.20
  • KRNL64UC | 7.20EXT | 7.20EXT
  • KRNL64UC | 7.21 | 7.21
  • KRNL64UC | 7.21EXT | 7.21EXT
  • KRNL64UC | 7.40 | 7.40
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 730
  • SAP_BASIS 720 | SAPKB72008 |
  • SAP_BASIS 700 | SAPKB70030 |
  • SAP_BASIS 710 | SAPKB71018 |
  • SAP_BASIS 701 | SAPKB70115 |
  • SAP_BASIS 711 | SAPKB71113 |
  • SAP_BASIS 702 | SAPKB70215 |
  • SAP_BASIS 730 | SAPKB73011 |
  • SAP_BASIS 731 | SAPKB73111 |
  • SAP KERNEL 7.20 32-BIT | SP514 | 000514
  • SAP KERNEL 7.20 32-BIT UNICODE | SP514 | 000514
  • SAP KERNEL 7.20 64-BIT | SP514 | 000514
  • SAP KERNEL 7.20 64-BIT UNICODE | SP514 | 000514
  • SAP KERNEL 7.21 32-BIT | SP210 | 000210
  • SAP KERNEL 7.21 32-BIT UNICODE | SP210 | 000210
  • SAP KERNEL 7.21 64-BIT | SP210 | 000210
  • SAP KERNEL 7.21 64-BIT UNICODE | SP210 | 000210
  • SAP KERNEL 7.21 EXT 32-BIT | SP210 | 000210
  • SAP KERNEL 7.21 EXT 32-BIT UC | SP210 | 000210
  • SAP KERNEL 7.40 64-BIT | SP039 | 000039
  • SAP KERNEL 7.40 64-BIT UNICODE | SP039 | 000039

Affected component

    BC-SEC-LGN
    Authentication

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1815228

TAGS

#X.509
#validity
#revocation
#CRL

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.