SAP Knowledge Base Article - Preview

1475602 - Identifying and resolving security vulnerabilities in SAP Business Objects products [How-To]

Symptom

A third-party tool such as WebInspect or AppScan has been pointed at a deployment of a SAP Business Objects product (BI 4.x - 4.1, 4.2 , 4.3 ) and the resulting report shows a number of security vulnerabilities (such as Cross Site Scripting).

  • How are these issues addressed by SAP Support?
  • What are the responsibilities of the customer?
  • What are the responsibilities of SAP engineers?


Read more...

Environment

  • SAP BusinessObjects Business Intelligence Platform 4.x (BI 4.1 / 4.2 / 4.3)
  • Windows
  • Linux / Unix 

Product

SAP BusinessObjects Business Intelligence platform all versions ; SAP Crystal Reports, developer version for Microsoft Visual Studio

Keywords

security, vulnerability, vulnerabilities, CSS, scan, cross site scripting, xss, webinspect, appscan policy, BI, BO, fix, resolution, htkba , 4.1 , 4.2 , 3.1, 4.2, 4.3, CVE , KBA , bidep , 4.2 , xss , htkba , 4.0 , analytics , 3.1 , 4.1 , 3.x , 4.x , cve , crlf , 4.3 , css , security , vulnerability , csrf , vulnerabilities , bobj , sapbi , mkba , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.