The first article of this series talked about the global deactivation of authorization checks for single authorization objects per transport. A similar risk results from the possibility of deactivating authorization checks transaction-specifically...
Author - Thomas Kastner, Virtual Forge
Thomas Kastner is Managing Director of Virtual Forge. He is heading Research & Innovation, Product Development, IT, Customer Support and Professional Services.
The opinions on the SAP authorization concept diverge widely. Surely, a certain complexity and the related maintenance effort cannot be denied. Yet, the most...
It's amazing that this vulnerability was published as late as 2012, considering the fact that the SAP gateway is a standard interface for every SAP system. And...
