SAP Security Blog
Browsing Category
See SAP Note 2513585 – Potential DDIC objects and data loss during upgrades to NetWeaver SAP Note 2766198 – SAP_WFRT Authorization Issues With Custom Logic. Also see https://blogs.sap.com/2021/02/10/how-to-make-access-control-in-abap-cds./
SAP Note 1704499 – System Measurement for License Audit SAP Note 2499866 – Auditing Activity in SAP HANA Systems select * from SYS.AUDIT_LOG where STATEMENT_USER_NAME = ‘SYSTEM’; SELECT * FROM SYS.ALL_AUDIT_LOG; SELECT * FROM SYS.AUDIT_LOG; Please note that if viewed on SYSTEMDB, users also need the DATABASE AUDIT ADMIN or DATABASE ADMIN system privilege: SELECT …
SAP Note 1500217 – How to make changes to important functions that are assigned to users – SAP ONE Support Launchpad SAP Note 1848439 – How to maintain the Partner Contact (PRM) role for S-User ID – SAP ONE Support Launchpad How to remove or transfer important functions to another S-User ID (does not apply to PRM_CP) To request that SAP make important …
As of HANA Studio 2.3.53, default analytic privilege is changed to “SQL Analytic Privilege”. Resolution · HANA Studio version < 2.3.53, default analytic privilege of newly created Calculation View was “Classical Analytic Privileges”. · HANA Studio version >= 2.3.53, default analytic privilege of newly created Calculation View is “SQL Analytic Privileges”. See SAP Note 2963203 – What …
Google Chrome has started out an incompatible change regarding the “SameSite” cookie attribute on Feb 17, 2020 but promises to support the Cookie Legacy SameSite Policies at least until February 2021. See SAP Note 2887651 – Issues with SameSite cookie handling in case of issues with logon or missing content for cross-domain browser integration scenarios, …
SAP Note 2986980 has just been released on component BW-WHM-DST-DBC:[CVE-2021-21465] Multiple vulnerabilities in SAP Business Warehouse (Database Interface). The reported issues have been fixed by disabling the affected function module RSDL_DB_GET_DATA_BWS as it must not be used anymore. Note: this means that after applying the note every call of the function will lead to a …
SAP Note 1993697 – IS-U Energy losses in transformers, Lines and Reactors for Ukraine
Security in Neo Environment https://blogs.sap.com/2019/11/12/setting-up-sap-cloud-platform-transport-management-for-sap-cloud-platform-integration/ Show current user details in Cloud Foundry apps with IAS SAP Cloud Platform Identity Authentication Service (IAS) Security in the Cloud Foundry Environment 2752867 – SAP Cloud Platform Integration for process services : restrictions in the SAP Cloud Platform CF environment / data center 2469460 – Key-store management in SAP …
SAP Note 1969700 – SQL Statement Collection for SAP HANA SAP Note 2841512 – How to: Import predefined SQL script to HANA studio or HANA cockpit. https://wiki.scn.sap.com/wiki/display/SAPHANA/SQL+Queries+Collection
Use tcode SMGW via menu Goto >Expert Functions> External Security> Maintenance of ACL Files. https://wiki.scn.sap.com/wiki/display/SI/RFC+Gateway+Access+Control+Lists https://wiki.scn.sap.com/wiki/display/SI/RFC+Gateway+Access+Control+Lists#RFCGatewayAccessControlLists-secinfo SAP Note 1850230 – GW: “Registration of tp <program ID> not allowed” [VIDEO]