Skip to Content

Unable to understand SAP Security Notes

Hi,

Every month, on SAP Security Patch day, I log in to Solution Manager > TxCode Solman_Workcenter > System Recommendations > Select a particular system > Leave the Application Component = ALL > Select date range > and click Refresh.

This would show me a list of Security Notes and I would analyse and implement them. While analysing them this month, I noticed few notes which I didn't understand why they were listed. For Example:

  1. The note 2330422 is listed for our SolMan system and says SQL Anywhere Odata Server allows an attacker to do stuff. But we do not have SQL Anywhere Odata in our SolMan. Also the component listed on top of the note is BC-SYB-SQA, which is also not visible in Txcode SB01 in SolMan. So why is this note recommended to me?
  2. The note 1699041 is for software component SAP_APPL, which is not in our system. So again, why is this note recommended to me?
  3. 2331908 is for software component SERVERCORE, which in my understanding is a java component. So I can understand if it is shown for SolMan which is a dual-stack but it is also shown for our SRM system, which is a ABAP stack. But SRM contains the application component mentioned in that note - BC-JAS-ADM-MON. Could it be shown due to that?

Any help will be greatly appreciated. Thanks in advance

Aneeth

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • May 16, 2017 at 02:46 PM

    Hello Aneeth,

    Blog below might help you understand

    https://blogs.sap.com/2016/06/30/how-to-search-for-sap-notes-and-sap-knowledge-base-articles/

    Thanks

    Yogesh

    Add comment
    10|10000 characters needed characters exceeded