Scribd Logo
Upload

Welcome to Scribd!

  • Rsecnote Sud

    Uploaded by

    Sarut Lapthaweechok
    40 views2 pages

    Original Title

    RSECNOTE_SUD

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    40 views2 pages

    Rsecnote Sud

    Uploaded by

    Sarut Lapthaweechok

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Note 1456569

    Description Potential modification of persisted data


    on SAP_BASIS release 6.40 to SP 27, 7.00
    4, 7.10 to SP 11, 7.11 to SP 5, 7.20 to
    Implementation Implement the correction instruction of

    Note 1511107 (November 2010)


    Description Executing freely determined code using t
    on SAP_APPL rel. 31I to SP 118, 40B to 8
    470 to 34, 500 to 23, 600 to 18, 602 to
    Implementation Implement the correction instruction of

    Note 1520043 (December 2010)


    Description RFC call cat_r2_tab_res without authoriz
    on Basis 46A to SP 34, 46B to 61, 46C to
    27, 700 to 22, 701 to 7, 702 to 6, 710 t
    Implementation Implement the correction instruction of

    Note 1520462 (February 2011)


    Description Unauthorized call of operating system co
    on Basis 46B to SP 61, 46C to 61, 46D to
    27, 700 to 23, 701 to 7, 702 to 6, 710 t
    Implementation Implement the correction instruction of
    Check authorizations of batch users as d

    Note 1520781 (January 2011)


    Description Potential disclosure and modification of
    on IS-OIL release 6.00 from SP 14 to 18,
    3 to 7
    Implementation Implement the correction instruction of

    Note 1525695 (November 2010)


    Description Update #1 for Note 587410: Missing Authorization Check SE37
    on SAP_BASIS 46B to SP 61, 46C to 61, 46D all SP, 620 to 69, 6
    to 23, 701 to 8, 702 to 6, 710 to 11, 711 to 6, 720 to 4, 730
    Implementation Implement the correction instruction of note 1525695 using S
    If you had implemented note 587410 deimplement it first.

    Note 1528822 (February 2011)


    Description WebReporting: Malicious use of hidden parameter
    on Basis 46A to SP 33, 46B to 61, 46C to 61, 46D, 610, 620
    27, 700 to 23, 701 to 8, 702 to 6, 710 to 11, 711 to 6, 720
    Implementation Implement the correction instruction of note 1528822 usin

    Note 1531669 (February 2011)


    Description Missing Authorization Check (Updated on 23.02.2011)
    on SAP_ABA release 7.00 from SP 19-23, 7.01 from SP 3-8, 7.02
    from SP 8-11, 7.11 from SP 2-6, 7.20 to SP 4, 7.30 to SP 1
    Implementation Implement the correction instruction of note 1531669 using S

    Note 1536491 (February 2011)


    Description ALE: Missing authorization check in ALE monitoring tool
    on Basis 46A to SP 34, 46B to 61, 46C to 61, 46D, 610, 620 to
    27, 700 to 23, 701 to 8, 702 to 6, 710 to 11, 711 to 6, 720 to
    Implementation Implement the correction instruction of note 1536491 using S

    Note 1557197 (April 2011)


    Description Missing authorization check in portal connection
    on EA-RETAIL release 2.00 to SP 20, 5.00 to SP 24, 6.00 to SP
    SP 9, 6.03 to SP 8, 6.04 to SP 9, 6.05 to SP 3
    Implementation Implement the correction instruction of note 1557197 using S
    The correction does not affect the normal functions of the app
    The correction deactivates critical obsolete code.

    Note 1560538 (June 2011)


    Description Missing authorization check in SCM-APO-INT
    on SAP_APPL release 6.00 from SP 11-19, 6.02 from SP 3-9, 6.03
    6.04 to SP 9, 6.05 to SP 4
    Implementation Implement the correction instruction of note 1560538 using S

    Note 1567882 (May 2011)


    Description Missing authorization check in BW RFC
    on SAP_BW release 7.00 from SP 21-26, 7.01 from SP 3-8, 7.02 f
    7.10 from SP 7-12, 7.11 from SP 2-6, 7.20 from SP 2-4, 7.30 on
    Implementation Implement the correction instruction of note 1567882 using S

    Note 1583301 (August 2011)


    Description Missing authorization check in Loans Management
    on EA-FINSERV release 110 to SP 32, 200 to SP 21, 500 to SP 24
    19, 603 to SP 8, 604 to SP 9, 605 to SP 4
    Implementation Implement the correction instruction of note 1583301 using S

    Note 1591349 (August 2011)


    Description Missing authorization check in BRF
    on SAP_ABA release 6.40 from SP 14 to 28, 7.00 from SP 5 to 24
    9, 7.02 to SP 8
    Implementation Implement the correction instruction of note 1591349 using S

    Note 1614719 (October 2011)


    Description Missing authorization check in ETM planning
    on ECC-DIMP release 5.00 to SP 15, 6.00 from SP 1-20, 6.02 to
    to SP 9, 6.04 from SP 1-9, 6.05 to SP 5
    Implementation Implement the correction instruction of note 1614719 using S
    Caution: Implement this note only if industry solution DI
    active in transaction SFW5.

    You might also like