Skip links

S_TCODE Authority check on T000 by SM30, SAP security note 1265043

Description

A user with no authorization to access the table T000, can maintain the same via the transaction SM30 or a transaction that calls the table T000 via view maintenance.

Available fix and Supported packages

  • SAP_APPL | 40B | 40B
  • SAP_APPL | 45B | 45B
  • SAP_BASIS | 46B | 46D
  • SAP_BASIS | 620 | 640
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 711
  • SAP_BASIS 46C | SAPKB46C58 |
  • SAP_BASIS 620 | SAPKB62066 |
  • SAP_BASIS 710 | SAPKB71008 |
  • SAP_BASIS 711 | SAPKB71102 |
  • SAP_BASIS 700 | SAPKB70019 |
  • SAP_BASIS 701 | SAPKB70104 |
  • SAP_BASIS 640 | SAPKB64025 |

Affected component

    BC-CTS-CCO
    Client Copy (For ByD issues select BC-TLM-CP)

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1265043

TAGS

#SCC4
#Client-Table
#T000.