Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

New authorization check for RFC in component WEC-APP-UM, SAP security note 2066943

Description

This SAP Note describes a new authorization check for the RFC function module COM_WEC_CHECK_SEQ_QTN in component WEC-APP-UM.

Available fix and Supported packages

  • WEBCUIF | 701 | 701
  • WEBCUIF | 731 | 731
  • WEBCUIF | 746 | 746
  • WEBCUIF | 747 | 747
  • WEBCUIF 701 | SAPK-70114INWEBCUIF |
  • WEBCUIF 746 | SAPK-74609INWEBCUIF |
  • WEBCUIF 747 | SAPK-74707INWEBCUIF |
  • WEBCUIF 731 | SAPK-73115INWEBCUIF |

Affected component

    WEC-APP-UM
    Web Channel: User Management and Customer Profile

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2066943

TAGS

#RFC
#authorization
#Web-Channel-Experience-Management

Explore More

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.