Skip links

Switchable Authorization checks for RFC in FI-CA for Data Protection, SAP security note 2546300

Description

S_RFC authorization checks are not sufficient to ensure secure execution of RFC function modules covered by this SAP Note. New switchable authorization checks have been implemented for RFC function modules in FI-CA for Data Protection.

Available fix and Supported packages

  • SAPSCORE | 111 | 111
  • SAPSCORE | 112 | 112
  • S4CORE | 102 | 102
  • FI-CA | 617 | 617
  • FI-CA | 618 | 618
  • FI-CA | 800 | 800
  • FI-CA | 801 | 801
  • | SAPK-S4CLOUD_1802 |
  • | SAPK-S4CLOUD_1805 |
  • S4CORE 102 | SAPK-10201INS4CORE |
  • FI-CA 617 | SAPK-61715INFICA |
  • FI-CA 618 | SAPK-61809INFICA |
  • FI-CA 800 | SAPK-80006INFICA |
  • FI-CA 801 | SAPK-80104INFICA |

Affected component

    XX-PROJ-FI-CA
    obsolete: Please use Component FI-CA instead

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2546300

TAGS

#SACF
#RFC
#authorization
#FP-DPP

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies