Skip links

Switchable Authorization checks for RFC BCA_DIM_LOANS_APPLOG_UPDATE in Loans (FI-CAX-FS), SAP security note 2531082

Description

UPDATE 13th October 2020: This note has been re-released with updated ‘Correction instruction’ information. We added the prerequisite notes 2304952, 2311994 in the correction instruction.

S_RFC authorization checks are not sufficient to ensure secure execution of RFC function modules covered by this SAP Note. New switchable authorization checks have been implemented for RFC function modules in FI-CAX-FS.

Available fix and Supported packages

  • FI-CAX | 602 | 602
  • FI-CAX | 603 | 603
  • FI-CAX | 604 | 604
  • FI-CAX | 605 | 605
  • FI-CAX | 606 | 606
  • FI-CAX | 616 | 616
  • FI-CAX | 617 | 617
  • FI-CAX | 618 | 618
  • FI-CAX | 800 | 800
  • FI-CAX | 801 | 801
  • FI-CAX | 619 | 619
  • FI-CAX | 802 | 802
  • FI-CAX 602 | SAPK-60220INFICAX |
  • FI-CAX 603 | SAPK-60319INFICAX |
  • FI-CAX 604 | SAPK-60420INFICAX |
  • FI-CAX 605 | SAPK-60517INFICAX |
  • FI-CAX 606 | SAPK-60620INFICAX |
  • FI-CAX 616 | SAPK-61612INFICAX |
  • FI-CAX 617 | SAPK-61715INFICAX |
  • FI-CAX 802 | SAPK-80201INFICAX |
  • FI-CAX 618 | SAPK-61809INFICAX |
  • FI-CAX 800 | SAPK-80006INFICAX |
  • FI-CAX 801 | SAPK-80104INFICAX |
  • FI-CAX 606 | SAPK-60621INFICAX |

Affected component

    FI-CAX-FS
    Integration Banking Services

CVSS

Score: 6.3
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2531082

TAGS

#SACF
#RFC
#authorization
#loans-customization-checks
#BCA_DIM_LOANS_APPLOG_UPDATE
#FS_TB_APPL_LOG