SAP Knowledge Base Article - Preview

3550679 - FAQ: WEB UI Security Note Implementation

Symptom

This KBA answers some common questions-regarding Implementation of WEB UI Security Notes which usually have the title "xxxxxxxx Cross-Site Scripting (XSS) vulnerability in SAP CRM (Web Client UI)".

  • Is there any Interdependency on other ABAP connected systems from CRM or other way around ?
  • How to check if WEBCUIF is used or not ?
  • Is this vulnerability only specific for CRM system ?
  • Is  upgrade needed for the WEBCUIF on all the ABAP connected systems for CRM ?

Note:  WEBCUIF component is available in all the ABAP systems i.e. ECC, CRM, Gateway etc..

 


Read more...

Environment

  • SAP Customer Relationship Management (CRM)
  • SAP enhancement package for SAP CRM
  • SAP enhancement package for SAP CRM, version for SAP HANA
  • SAP Solution Manager
  • Web UI.

Product

SAP Customer Relationship Management 7.0 on SAP enhancement package 1 for SAP NetWeaver 7.0

Keywords

Interdependency, WEBCUI Framework,  dependency on ABAP systems, T Code SICF, CRM_UI_START,  applicable, WEBCUIF component is used, vulnerability in SAP CRM, Security Note, Security note requirement. , KBA , CA-WUI-UI , User Interface , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.