SAP Note 29276 - SAPCPIC: At which points are passwords visible

Component : Security -

Solution : https://service.sap.com/sap/support/notes/29276 (SAP Service marketplace login required)

Summary :
Unauthorized access can occur using the SAPCPIC user, typically involved in inter-process/host communications with a default password, facilitating excessive privileges. The recommendation is to either lock the SAPCPIC user or modify its password to mitigate security risks. These changes might impact functionalities like RSM51000, RSCOLL00, and log file messaging for certain releases. It is crucial to ensure return messages from batch jobs are maintained by including a dummy ABAP/4 program in the job steps where required. Documentation regarding affected releases and detailed report impacts like LSXPGU01 is available for further reference.

Key words :
additional key words sapcpic standard user rsusr003, continue receiving return messages, sapcpic---------------------------------affected reports, symptom unauthorized accesses, job remains activated, unauthorized external employees, dummy abap/4 program, user sapcpic, return messages, prerequisites sapcpic

Related Notes :

34998Checking on OS level whether R/3 is running
3310CPIC user SAPCPIC is missing (SM51, statistics)