Solution : https://service.sap.com/sap/support/notes/1555523 (SAP Service marketplace login required)
Summary :
SAP WebGUI utilizes a redesigned Java applet to ensure safe local operations such as file uploads and downloads within the SAP environment. The applet requires the SAP cryptographic library, which must be installed on the SAP application server or ITS. Proper installation of the library is critical, as improper setup will trigger security warnings. The update introduces enhanced security features including protocol whitelisting and directory restrictions. Users must manually confirm trust for each new request from the system to the Java applet, and configuration is governed through specific white and blacklists within the “WEBGUI.CFG” configuration file.
Key words :
software component sap_basis sap basis compo, public key based handshake procedure, cvss information cvss base score, emulate sap gui inside, correct kernel patch mentioned, cvss base score, java property variable user, 8cvss base vector, listed support packages, release 640 sapkb64026 - sapkb64028
Related Notes :
| 1661740 | ITS UpDown: moved applet into kernel for urgui |
| 1658582 | ITS Up/Down: new security applet FAQ |
| 1590252 | ITS up/down: java errors in urgui |
| 1586053 | ITS Up/Down: fix for new security applet |