/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
Third-party report shows security vulnerability related to "Backup file" that it will get valid response when access irj/portal/<random string> so it seems to be able to get some backup data.
Therefore, want to know if the security vulnerability exists indeed and if any string after "irj/portal" is expected behavior.
Read more...
Environment
- SAP NetWeaver Java System
- Enterprise Portal
Product
SAP Enterprise Portal all versions
Keywords
security, vulnerability, portal, random, string, backup, file, enterprise portal, irj, alias , KBA , EP-PIN-NAV , Navigation , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)