SAP Knowledge Base Article - Preview

1475602 - Identifying and resolving security vulnerabilities in SAP Business Objects products [How-To]

Symptom

A third-party tool such as WebInspect or AppScan has been pointed at a deployment of a SAP Business Objects product (BI 4.x - 4.1, 4.2 , 4.3 ) and the resulting report shows a number of security vulnerabilities (such as Cross Site Scripting).

  • How are these issues addressed by SAP Support?
  • What are the responsibilities of the customer?
  • What are the responsibilities of SAP engineers?


Read more...

Environment

  • SAP BusinessObjects Business Intelligence Platform 4.x (BI 4.1 / 4.2 / 4.3)
  • Windows
  • Linux / Unix 

Product

SAP BusinessObjects Business Intelligence platform all versions ; SAP Crystal Reports, developer version for Microsoft Visual Studio

Keywords

security, vulnerability, vulnerabilities, CSS, scan, cross site scripting, xss, webinspect, appscan policy, BI, BO, fix, resolution, htkba , 4.1 , 4.2 , 3.1, 4.2, 4.3, CVE , KBA , cve , crlf , 4.3 , css , security , vulnerability , csrf , vulnerabilities , bobj , sapbi , mkba , bidep , 4.2 , xss , htkba , 4.0 , analytics , 3.1 , 4.1 , 3.x , 4.x , BI-BIP-SEC , Security Vulnerabilities in SAP BusinessObjects , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.