Symptom
A security penetration test has reported that an application in the BTP NEO platform has an insecure cookie attribute: SameSite=None.
Example:
Set-Cookie: JSESSIONID=xxxxxxxxxxx; Path=/; Secure; HttpOnly; SameSite=None;
Environment
SAP Business Technology Platform
Product
SAP Business Technology Platform all versions
Keywords
pen test, fiori applications, audit, KBA, BC-NEO-SEC-IAM, Authentication, Authorization (Cloud Platform Neo), Problem
About this page
This is a preview of a SAP Knowledge Base Article. The full version is on SAP for Me (login required).