Before You Start
Underlying Security Guides
Performance Management is based on SAP NetWeaver ABAP. Therefore, the corresponding Security Guides also apply to Performance Management. Note in particular the most important sections or specific restrictions that are entered in the following table.
Security Guide of Scenario, Application, or Component |
Most Important Sections or Specific Restrictions |
|---|---|
Relevant for manager involvement in Performance Management. |
|
Relevant for the Performance Management applications that run in the portal. |
|
Relevant for attachments in appraisal documents. |
Important SAP Notes
For a complete list of available SAP Security Guides, see SAP Service Marketplace at http://service.sap.com/securityguide
.
The most important SAP Notes that apply to the security of Performance Management are shown in the table below.
Title |
SAP Note |
Comment |
|---|---|---|
Unauthorized use of functions in the BSP application for the appraisal document (XSRF (cross-site request forgery) security risk in appraisal document) |
Describes unauthorized access to BSP applications pages for the appraisal document |
|
Missing authorization check |
Describes the visibility of appraisal documents locked by the administrator even though the administrator does not have the authorization to do so. |
You can find a list of additional SAP HotNews and SAP Notes that are relevant to security on SAP Service Marketplace at http://service.sap.com/securitynotes.
More Information
For more information about special topics, following the quick links in the table below.
Content |
Comment |
|---|---|
Security |
|
Security Guide |
|
Related Notes |
|
Permitted Platforms |
|
Network Security |
|
SAP Solution Manager |
|
SAP NetWeaver |