Onapsis Research Labs is a team of the world’s leading cybersecurity experts dedicated to uncovering and mitigating threats in business-critical applications. As the most prolific contributor to SAP and Oracle security research, the Labs have discovered and helped patch over 1,000 zero-day vulnerabilities. Their threat intelligence powers the Onapsis Platform, ensuring that organizations can defend their ERP landscapes against the latest sophisticated attacks before they are exploited in the wild.
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol used to encrypt communications between two entities, using public and private keys to create secure sessions between them. In this blog, I will explain how you can enable SSL in your SAP Java system and how you can redirect HTTP requests to HTTPS.
A recent IDC survey reports that 64% of organizations have suffered an ERP system breach in the past 24 months. To ensure that your organization has the proper processes and controls in place to keep SAP and Oracle E-Business Suite business-critical applications secure and in compliance, we are providing guidance and questions to ask.
To keep our readers informed about security risks and mitigation techniques for Oracle’s biggest ERP, E-Business Suite (EBS), we’re sharing how to configure secure and encrypted web browsing through the HTTPS protocol.
Directory Traversal vulnerability in SAP NetWeaver AS Java Web Container (#2486657): These types of attacks always affect the confidentiality of information, since they allow an attacker to read arbitrary files that shouldn’t be accessible. Its high impact on confidentiality makes its CVSS score the highest of this month. An AS Java Web Container that does not properly validate path information could allow an attacker to read the content of arbitrary files on the remote server, exposing sensitive data.