Description

SAP Knowledge Management and Collaboration (KMC) is the basic content services within SAP NetWeaver Portal.

After the installation, the permission Everyone Full Control is assigned to all folders. You should restrict access permissions on the root nodes of security-relevant repositories immediately after the installation or after configuring new repository managers in order to prevent documents being read illegally by users hacking or guessing document URLs (see SAP Note 599425).

Remediation

For recommendations on how to assign permissions, see SAP Note 599425.

References

Related Vulnerabilities