SAP Knowledge Base Article - Public

3037039 - "Error Occurred" When Trying to Access Employee Profile

Symptom

When trying to access an employee profile system throws an error and the profile does not load.



Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


Environment

SAP SuccessFactors Employee Profile

Reproducing the Issue

  1. In People Search enter the name of the affected employee;
  2. See the error message appearing: "errorId=180ea43c-4d03-4cc8-9e1e-46f265557969, fingerprint=8177055cbdd9d1cb6a84c99cfa2dc45201bd8f6d, timestamp=2021-01-20T10:33:28.823+0100, errorMessage=An application error occurred. Please try again later, or notify support (with the error information of errorID=180ea43c-4d03-4cc8-9e1e-46f265557969, timestamp=2021-01-20T10:33:28.823+0100, and the version information from the current screen) if the issue keeps occurring., errorCode=SECURITYSCANNER, server=160pc12bcf79t, versionInfo=Release%3A%20b2011.20210105055920%0A%20%20%20%20Server%3A%20160pc12bcf79t%0A%20%20%20%20Timestamp%3A%202021-01-20T10%3A33%3A27.364%2B0100";
  3. Try to proxy as the employee an the same issue is experienced.

Cause

The encrypted value of the affected User ID is detected and blocked by the User Input Scanner.

This should only impact limited users when the encrypted data unexpectedly matches attack pattern.

Resolution

As a temporal solution, you can disable the "User Input Scanner" feature.

For the long-term solution, this issue has been addressed in b2105 release. We have an enhancement to SFEncrypter to make the encrypted data URL safe, which means the character "+" or "=" will not be generated in the encrypted data, so the reported sample of encrypted value will not get generated. 

 

We encourage you to check the following Help document for instructions on how to disable the "User Input Scanner" feature and security impacts:

Enabling the Security Scan of User Inputs

 

Please note that disabling this feature will not expose a direct security issue as we have multiple layers of protection against security attack. 

But keep track of this KBA for news on permanent fix.

Keywords

Error Ocurred, Access, Employee, Profile, Error, Issue, Can't, Can Not, errorId=180ea43c-4d03-4cc8-9e1e-46f265557969, fingerprint=8177055cbdd9d1cb6a84c99cfa2dc45201bd8f6d, SEC-4322 , KBA , LOD-SF-EP-PP3 , People Profile (PP3) , Known Error

Product

SAP SuccessFactors HXM Core all versions

Attachments

Pasted image.png