2088875 - System: Does the recent security warning regarding Java 7 concern SuccessFactors BizX? - BizX Platform

SAP Knowledge Base Article - Public

2088875 - System: Does the recent security warning regarding Java 7 concern SuccessFactors BizX? - BizX Platform

Symptom

Environment

  • BizX Platform

Resolution

The Java 7 vulnerability is for client side machine so the SuccessFactors server is not affected. Bizx does use client side technology which requires the  Java runtime environment. So, client user CANNOT simply disable their Java runtime environment. In addition there are lots of similar vulnerabilities reported recently. There may be more reported in near future. So, just waiting for a patch from the vendor is not a solution.

Here is a suggested solution (this is for  IE browsers, other browsers also have similar functionalities):
1. disable Java applet running in Internet Zone
set following entry value in register table:
set 1C00 in following as 00000
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

2. Add  the SuccessFactors site to IE Trusted Sites
go to Internet Properties -> Select Security Tab -> Select Trust Sites -> click Sites button -> in the popup panel, add SF to trusted sites e.g.: https://performancemanager4.successfactors.com


After the browser is configured like this, only the applet from trusted sites will get loaded automatically.

Keywords

KBA , LOD-SF-PLT , Foundational Capabilities & Tools , How To

Product

SAP SuccessFactors HCM Core all versions