1469845

3
8/2/2019 1469845 http://slidepdf.com/reader/full/1469845 1/3 Number 1469845 Version 3 Processor EVERIS Processing Status In Process Implement. Status Completely implemented Language EN Short Text Missing authorization check in RMA Component IS-R-LG-RMA  ________________________________________________________________________ Long Text Symptom Certain functions of the retail method of accounting (RMA) can be called, even if the user that is logged on does not have the required authorization for this. This may result in an escalation of privileges. Other terms Authorization, authoriztion check, stock ledger, retail method of accounting (RMA) Reason and Prerequisites This note is relevant only if the business function ISR_RETAIL_RMA has been activated. In the RMA, authorization checks that regulate access to functions are missing. A user that is logged on can simply call these functions without these checks and this may result in an unwanted change to the system behavior. Solution The new role SAP_ISR_RMA_ADMINISTRATOR is delivered with ECC 6.05 Support Package (SP) 02, ECC 6.04 SP07 and ECC 6.03 SP07. Correction instructions for the authorization checks are attached for ECC 6.05 and 6.04. Note the following manual tasks. ------------------------------------------------------------------------ |Manual Post-Implement. | ------------------------------------------------------------------------ |VALID FOR | |Software Component EA-RETAIL SAP R/3 Enterpr...| | Release 604 Until SAPK-60406INEARETAIL | ------------------------------------------------------------------------ Create transaction S_E5R_84000137 as a parameter transaction as follows: - Package: WRF_ORGPRICE_DDIC - Transaction text: Data Transfer Table WRF_ORGPRICE - Transaction: START_REPORT - Skip initial screen - Inherit GUI attributes - Professional User Transaction - GUI support: SAP GUI for HTML, SAP GUI for Java, SAP GUI for Windows - Default Values: D_SREPOVARI-REPORTTYPE D_SREPOVARI-REPORT RWRF_ORGPRICE_SETUP SAP Note Nr. 1469845 26.11.2010 Page 1  ________________________________________________________________________

Transcript of 1469845

Page 1: 1469845

8/2/2019 1469845

http://slidepdf.com/reader/full/1469845 1/3

Number 1469845

Version 3

Processor EVERIS

Processing Status In Process

Implement. Status Completely implemented

Language EN

Short Text Missing authorization check in RMA

Component IS-R-LG-RMA

 ________________________________________________________________________

Long Text

Symptom Certain functions of the retail method of accounting (RMA) can be called, even if the

user that is logged on does not have the required authorization for this. This may

result in an escalation of privileges.

Other termsAuthorization, authoriztion check, stock ledger, retail method of accounting (RMA)

Reason and PrerequisitesThis note is relevant only if the business function ISR_RETAIL_RMA has been activated.

In the RMA, authorization checks that regulate access to functions are missing. A user

that is logged on can simply call these functions without these checks and this may

result in an unwanted change to the system behavior.

Solution

The new role SAP_ISR_RMA_ADMINISTRATOR is delivered with ECC 6.05 Support Package (SP)02, ECC 6.04 SP07 and ECC 6.03 SP07. Correction instructions for the authorization

checks are attached for ECC 6.05 and 6.04. Note the following manual tasks.

------------------------------------------------------------------------

|Manual Post-Implement. |

------------------------------------------------------------------------

|VALID FOR |

|Software Component EA-RETAIL SAP R/3 Enterpr...|

| Release 604 Until SAPK-60406INEARETAIL |

------------------------------------------------------------------------

Create transaction S_E5R_84000137 as a parameter transaction as follows:

- Package: WRF_ORGPRICE_DDIC

- Transaction text: Data Transfer Table WRF_ORGPRICE

- Transaction: START_REPORT

- Skip initial screen

- Inherit GUI attributes

- Professional User Transaction

- GUI support: SAP GUI for HTML, SAP GUI for Java, SAP GUI for Windows

- Default Values:

D_SREPOVARI-REPORTTYPED_SREPOVARI-REPORT RWRF_ORGPRICE_SETUP

SAP Note Nr. 1469845 26.11.2010 Page 1

 ________________________________________________________________________

Page 2: 1469845

8/2/2019 1469845

http://slidepdf.com/reader/full/1469845 2/3

Create the role SAP_ISR_RMA_ADMINISTRATOR as follows:

Description: RMA administrator

Menu:

- Transaction WRMA_CHECK

- Folder for RMA inbound with transactions:

WRMA_WRART

WRMA_NO_DOC

WRMA_VALUES

WRMA_DATA_DISPLAY

- Folder for original price with transactions:

S_E5R_84000137

WRF_ORGPR_MAINTAIN

------------------------------------------------------------------------

|Manual Post-Implement. |

------------------------------------------------------------------------

|VALID FOR ||Software Component EA-RETAIL SAP R/3 Enterpr...|

| Release 605 Until SAPK-60501INEARETAIL |

------------------------------------------------------------------------

Create transaction S_E5R_84000137 as a parameter transaction as follows:

- Package: WRF_ORGPRICE_DDIC

- Transaction text: Data Transfer Table WRF_ORGPRICE

- Transaction: START_REPORT

- Skip initial screen

- Inherit GUI attributes

- Professional User Transaction

- GUI support: SAP GUI for HTML, SAP GUI for Java, SAP GUI for Windows- Default Values:

D_SREPOVARI-REPORTTYPE

D_SREPOVARI-REPORT RWRF_ORGPRICE_SETUP

Create the role SAP_ISR_RMA_ADMINISTRATOR as follows:

Description: RMA administrator

Menu:

- Transaction WRMA_CHECK

- Folder for RMA inbound with transactions:

WRMA_WRART

WRMA_NO_DOC

WRMA_VALUES

WRMA_DATA_DISPLAY

- Folder for original price with transactions:

S_E5R_84000137

WRF_ORGPR_MAINTAIN

 ________________________________________________________________________

 Valid Releases

SAP R/3 Enterprise AddOn Retail

603

604605

SAP Note Nr. 1469845 26.11.2010 Page 2

 ________________________________________________________________________

Page 3: 1469845

8/2/2019 1469845

http://slidepdf.com/reader/full/1469845 3/3

 ________________________________________________________________________

Links to Support Packages

Software Component Release Package Name

 ________________________________________________________________________SAP R/3 Enterprise AddOn Retail

603 SAPK-60307INEARETAIL

604 SAPK-60407INEARETAIL

605 SAPK-60502INEARETAIL

 ________________________________________________________________________

SAP Note Nr. 1469845 26.11.2010 Page 3

 ________________________________________________________________________


Chapter 24

Chapter 24

Jan Van Eyck and the Man In A Red Turban

Jan Van Eyck and the Man In A Red Turban

Plato - Symposium

Plato - Symposium

Iron Mills Essay

Iron Mills Essay

How Computer Keyboards Work

How Computer Keyboards Work

Personality Development

Personality Development

Venture Capital

Venture Capital

Who Killed God

Who Killed God

The Dutch Republic In International Trade

The Dutch Republic In International Trade

Bhagavad Gita

Bhagavad Gita

Life Is Just A Dream - Or Is It?

Life Is Just A Dream - Or Is It?

Bodybuilding - The Rock Hard Challenge (Month 1 Training)

Bodybuilding - The Rock Hard Challenge (Month 1 Training)

xCDC14a

xCDC14a

How Computer Monitors Work

How Computer Monitors Work

18 Tricks to Teach Your Body

18 Tricks to Teach Your Body

Star Wars Prequel Trilogy Trivia (Episodes I-III)

Star Wars Prequel Trilogy Trivia (Episodes I-III)

The Best American Humorous Short Stories

The Best American Humorous Short Stories

Physical Modelling Synthesis Overview

Physical Modelling Synthesis Overview

Chapter 23

Chapter 23

Algorithms

Algorithms