Solution : https://service.sap.com/sap/support/notes/1394100 (SAP Service marketplace login required)
Summary :
The SAP Note addresses a security risk in ABAP systems: when the ICF service /sap/bc/soap/rfc is activated, remote-enabled function modules can be called over HTTP via SOAP, and unauthorized execution becomes possible wherever the calling user's RFC authorization (authorization object S_RFC) is too permissive. Users are advised to check whether the service is used anywhere in their landscape and to deactivate it (transaction SICF) if it is not required. Where the service must remain active, the RFC authorizations of the users who can reach it must be tightly restricted. The Note also describes how to log server activity so that access attempts can be traced in the ICM (Internet Communication Manager) server log, and recommends migrating to the Web Service Framework (SOAP runtime, /sap/bc/srt), which is available from Web AS 6.40 onward.
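The following script illustrates the logging recommendation above: it scans an ICM HTTP access log for requests that hit the legacy /sap/bc/soap/rfc node and summarizes them per client host and HTTP status, so that accepted calls (status 200 on POST) can be separated from rejected ones (401). This is an added example, not code from SAP Note 1394100 or from SAP. It assumes the ICM has been configured to write its access log in Common Log Format (ICM supports this via the icm/HTTP/logging_<n> profile parameter with LOGFORMAT=CLF; the exact format string and the sample log lines are constructed) and treats ICF path matching as case-insensitive, which is an assumption made explicit in the code.

```python
"""Flag requests to the legacy SOAP RFC endpoint /sap/bc/soap/rfc in an
ICM HTTP access log.

Added example, not part of SAP Note 1394100. Assumptions: the log is in
Common Log Format (ICM can write CLF via icm/HTTP/logging_<n>; the
sample lines below are constructed, not real traffic), and ICF paths are
matched case-insensitively (assumption; paths are lower-cased before
comparison). Requests to the Web Service Framework under /sap/bc/srt are
deliberately not flagged, as that is the recommended replacement.
"""
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample log lines in CLF: host ident user [time] "request" status size
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2024:10:01:02 +0100] "POST /sap/bc/soap/rfc?sap-client=100 HTTP/1.1" 200 1432
10.0.0.5 - - [12/Mar/2024:10:01:03 +0100] "POST /sap/bc/soap/rfc HTTP/1.1" 401 0
10.0.0.9 - - [12/Mar/2024:10:02:10 +0100] "POST /sap/bc/srt/rfc/sap/z_order/100/z_order/binding HTTP/1.1" 200 987
10.0.0.7 - - [12/Mar/2024:10:03:44 +0100] "GET /sap/bc/gui/sap/its/webgui HTTP/1.1" 200 5120
10.0.0.5 - - [12/Mar/2024:10:04:00 +0100] "POST /SAP/BC/SOAP/RFC HTTP/1.1" 200 1500
garbage line that does not parse
"""

CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)

LEGACY_SOAP_RFC = "/sap/bc/soap/rfc"


def parse_clf(line):
    """Parse one CLF line into a dict; return None if it does not match."""
    m = CLF_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # Strip the query string (e.g. ?sap-client=100) so only the ICF path is compared.
    rec["path"] = urlsplit(rec["target"]).path
    rec["status"] = int(rec["status"])
    return rec


def is_legacy_soap_rfc(path):
    """True if the path is the /sap/bc/soap/rfc node itself or a child of it.

    Lower-casing implements the case-insensitivity assumption; the trailing
    '/' check prevents a false match on e.g. /sap/bc/soap/rfcx.
    """
    p = path.lower().rstrip("/")
    return p == LEGACY_SOAP_RFC or p.startswith(LEGACY_SOAP_RFC + "/")


def find_soap_rfc_hits(log_text):
    """Return (matching entries, number of lines that could not be parsed)."""
    hits, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_clf(line)
        if rec is None:
            skipped += 1
            continue
        if is_legacy_soap_rfc(rec["path"]):
            hits.append(rec)
    return hits, skipped


def summarize(hits):
    """Count hits per (client host, HTTP status).

    A 200 on a POST means the SOAP call was accepted and deserves follow-up;
    a 401 means the ICF logon check rejected it.
    """
    return Counter((h["host"], h["status"]) for h in hits)


if __name__ == "__main__":
    hits, skipped = find_soap_rfc_hits(SAMPLE_LOG)
    for h in hits:
        print(f'{h["time"]} {h["host"]} {h["method"]} {h["path"]} -> {h["status"]}')
    print("per host/status:", dict(summarize(hits)))
    print("unparsable lines:", skipped)
```

On the constructed sample the script reports three hits, all from 10.0.0.5, two of them accepted with status 200; the /sap/bc/srt request is not flagged. Against a real log, replace SAMPLE_LOG with the contents of the ICM access log and adjust CLF_RE if a different LOGFORMAT is in use.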
Key words :
/saphelp_webas620/helpdata/de/73/b5f99d019f11d5991400508b6b8b11/content, /saphelp_webas620/helpdata/en/73/b5f99d019f11d5991400508b6b8b11/content, remote-enabled function modules occurs, access remote-enabled function modules, simple object access protocol, /sap/bc/soap/rfc, remote function call, /sap/bc/srt, internet communication framework, server log entries
Related Notes :
1504652 |
1487606 | IDoc inbound processing via HTTP/SOAP
1394093 | Collective Security Note
626073 | Unreleased Internet Communication Framework services
93254 | RFC short dump RFC_NO_AUTHORITY
40689 |