Hi Team,
We have a vulnerability found for Memory corruption in the SAP Enqueue Server for Java.
The SAP Enqueue Server access control list (ACL) configuration file does not exist in our JAVA system and to mitigate the vulnerability we are planning to configure a restrictive ACL file in "enque/server/acl_file" (SAP Enqueue Server acl file)
We have few of the interface systems that connects to our JAVA application and here we need that details like do we need to maintain all the interface systems IP address in the acl file or just do we have to maintain only the internal JAVA application server IP's.
Please support here to procced with this implementation.
Thanks & Regards
Tharun