Search This Blog

Monday, June 13, 2011

SAP Note 1262016 - Missing authority check in APO transaction

Symptom
 After implementing note 1235367, which introduced a new authorization object (C_APO_CVC) to control user rights for CVC maintenance by POS, some authorization check is still missing.
Information disclosure due to missing authorization checks in some APO transactions.


Other terms
 C_APO_CVC


Reason and Prerequisites
 Note 1235367 is implemented. Some authorization check is still missing in some APO transactions.


Solution
 Please apply the attached correction or install the corresponding
support package.



Affected Releases
Software
Component
Release
From
Release
To
Release
And
subsequent
SCM
410
410
410
 
SCM
500
500
500
 
SCM
510
510
510
 
SCM
700
700
700
 

Correction delivered in Support Package
Support
Packages
Release
Package
Name
SCM
410
SCM
500
SCM
510
SCM
700

Corrections Instructions
Correction
Instruction
Valid
from
Valid
to
Software
Component
Last
Modifcation
700
700
SCM
17.10.2008  12:59:14
510
510
SCM
17.10.2008  13:24:09
500
500
SCM
21.10.2008  10:13:08
410
410
SCM
21.10.2008  10:25:26





Direct Link : https://service.sap.com/sap/support/notes/1262016

Posted by at

1 comment:

  1. UnknownAugust 12, 2014 at 11:18 AM

    Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me. SAP APO Online Training

    ReplyDelete

Subscribe to: Post Comments (Atom)