There are some security concerns using Fiori Client in a given corporate environment to access internal resources.
The concerns are regarding:
- printStackTrace() function being present in the app
- Path attribute not being set in session cookie
- Application is vulnerable to beast attack
- Application accepts special character as user input
- Application is vulnerable to Replay Attack
- Application works on rooted device
- Fiori Client 1.x
- Operating system agnostic
Beast Attack; Replay Attack; Fiori Client; security; Android; Windows; Windows Mobile; Apple iOS; iPhone; iPad , KBA , MOB-FC , SAP Fiori Client Native Mobile Application , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.