Symptom
There are security concerns about using Fiori Client in a corporate environment to access internal resources.
The concerns are:
- Using WebView with JavaScript enabled
- printStackTrace() function being present in the app
- Path attribute not being set in the session cookie
- Application is vulnerable to the BEAST attack
- Application accepts special characters as user input
- Application is vulnerable to replay attacks
- Application works on a rooted device
Environment
- Fiori Client 1.x
- Operating system agnostic
Product
SAP Fiori Client 1.11 for Android; SAP Fiori Client 1.11 for Windows; SAP Fiori Client 1.11 for iOS
Keywords
Beast Attack; Replay Attack; Fiori Client; security; Android; Windows; Windows Mobile; Apple iOS; iPhone; iPad, KBA, MOB-FC, SAP Fiori Client Native Mobile Application, Problem
About this page
This is a preview of a SAP Knowledge Base Article. The full version is available on SAP for Me (login required).