Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

December 14, 2010
12:00 am

Collective Note ABAP Session Protection Recommendations, SAP security note 1532777

Description

You want to protect your ABAP system against common session attacks such as session hijacking and session fixation.

Available fix and Supported packages

SAP_BASIS | 640 | 640
SAP_BASIS | 700 | 702
SAP_BASIS | 710 | 730
SAP_BASIS | 731 | 731
SAP_BASIS | 72L | 802

Affected component

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected].

URL

https://launchpad.support.sap.com/#/notes/1532777

TAGS

#Session-Access-Token
#icf/user_recheck
#icf/ssocookie_mandatory
#Security-Session-Management
#sap-syscmd=nocookie

More to explorer

Urgent Security Notice

Press release: RedRays discovered major cybersecurity leak affects 4800 domains

June 4, 2023

Yerevan, 4 June 2023 – RedRays, a cybersecurity provider specializing in the protection of ERP systems, has recently made a disturbing discovery.

Urgent Security Notice

Urgent Security Notice: RedRays Discloses Major Data Breach Affecting SAP Customers

June 2, 2023

RedRays has made an alarming discovery through their rigorous internet data monitoring and analysis: significant breaches involving user logins and passwords of

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

June 1, 2023

Application: SAP NetWeaver AS JavaVersions Affected: SAP NetWeaver Development Infrastructure Component Build Service versions – 7.11, 7.20, 7.30, 7.31, 7.40, 7.50Vendor URL:

Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535

May 24, 2023

Introduction The P4 protocol is important in Java remote communication, mainly with Java Naming and Directory Interface (JNDI) and Java Remote Method