This blog is written in an effort to raise more awareness on securing your SAP infrastructure. In this case specifically on the topic of securing the SAP Transport Mechanism.
Over the past years there has been published a lot of information on securing your SAP infrastructure. SAP itself has published the SAP Security guides, there are many SAP Security researchers that present their findings on Security conferences and here on SCN people are also actively blogging on this topic. Many security related topics have already been highlighted, but I found there was not much information on the specific topic of Securing the SAP Transport Management System (TMS). I therefore did a deep-dive into this topic myself and wrote a whitepaper on it.
To summarize some findings:
5 important vulnerabilities that might exist in your SAP infrastructure related to TMS:
•XPRA execution
•User TMSADM exists with default password, outside client 000 or has too much authorisation
•Access rights on the TMS transport directory share are not restrictive enough
•ABAP code vulnerabilities in STMS related reports and Function Modules
•Remote execution of TP commands
Some solutions to prevent the above:
To prevent XPRA execution:
Mitigate risks around the TMSADM user:
Mitigate risks related to the transport shares:
ABAP vulnerabilities:
Remote execution TP commands:
General recommendations somewhat related:
For more background information on this topic and also a detailed description on exploiting these vulnerabilities see the whitepaper on:
http://www.erp-sec.com/news/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
23 | |
4 | |
3 | |
3 | |
2 | |
2 | |
2 | |
2 | |
2 | |
2 |