Security focus – Multiple vulnerability on SAP solution manager – 11th Nov 2020

Preface: CMDB is a repository that should contain only business critical items that you want to track. It should contain a record of information that allows you to answer business critical questions and helps you to connect business processes. CMDB should contain all the items that are important for your business or a service.

About SAP solution manager: SAP solution manager explicitly assists enterprise to fulfill above objectives. If you are planning to use SAP PI module then you should install Java Stack. Java Stack is currently being on Web based front ends and Stand-alone java portal. SAP NetWeaver Process Integration (SAP PI) is SAP enterprise application integration (EAI) software, a component of the NetWeaver product group used to facilitate the exchange of information among a company’s internal software and systems and those of external parties.

SAP Solution Manager – Multiple vulnerabilities due to lack of authentication check: For vulnerability details, please refer to link below. Apart from this, attached diagram can provide a quick way to understand the whole matters.

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571

Changes related to SAP Solution Manager – Because of the SAP update a new version of SAP Solution Manager will be required starting January 1st 2020. The enhancement shown as below:

SAP solution Manager 7.2 SPS05/SPS06 – Partial connectivity to SAP, manual effort required.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.