Description
S_RFC authorization checks are not sufficient to ensure secure execution of RFC function modules covered by this SAP Note. New switchable authorization checks have been implemented for RFC function modules in FS-CD.
Available fix and Supported packages
- INSURANCE | 600 | 600
- INSURANCE | 602 | 602
- INSURANCE | 603 | 603
- INSURANCE | 604 | 604
- INSURANCE | 605 | 605
- INSURANCE | 606 | 606
- INSURANCE | 616 | 616
- INSURANCE | 617 | 617
- INSURANCE | 618 | 618
- INSURANCE | 800 | 800
- INSURANCE | 801 | 801
- INSURANCE | 802 | 802
- INSURANCE 600 | SAPK-60030ININSURANC |
- INSURANCE 602 | SAPK-60220ININSURANC |
- INSURANCE 603 | SAPK-60319ININSURANC |
- INSURANCE 604 | SAPK-60420ININSURANC |
- INSURANCE 605 | SAPK-60517ININSURANC |
- INSURANCE 606 | SAPK-60620ININSURANC |
- INSURANCE 616 | SAPK-61612ININSURANC |
- INSURANCE 617 | SAPK-61715ININSURANC |
- INSURANCE 802 | SAPK-80201ININSURANC |
- INSURANCE 618 | SAPK-61809ININSURANC |
- INSURANCE 800 | SAPK-80006ININSURANC |
- INSURANCE 801 | SAPK-80104ININSURANC |
Affected component
- FS-CD
Collections and Disbursements
CVSS
Score: 6.3
CVSS:/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2534991