

What is 'cross-site request forgery' in SAP BC-SEC - Security?


cross-site request forgery - Overview

  • Component: BC-SEC

  • Component Name: Security

  • Description: A class of attacks against application servers that tricks an authenticated user into issuing HTTP requests to an application, which can then lead to an undesired action being triggered on behalf of the victim.


cross-site request forgery - Details


  • Key Concepts: Cross-site request forgery (CSRF) is a type of attack that occurs when a malicious website, email, or program causes a user’s web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. In the context of SAP, CSRF attacks can be used to gain access to sensitive data or to execute unauthorized transactions.

  • How to use it: SAP provides several security measures to protect against CSRF attacks. These include using anti-CSRF tokens, implementing strong authentication methods, and using secure communication protocols. Additionally, SAP recommends that users regularly review their security settings and update them as needed.

  • Tips & Tricks: To further protect against CSRF attacks, users should be aware of the risks associated with clicking on suspicious links or opening attachments from unknown sources. Additionally, users should be sure to log out of their accounts when they are finished using them.

  • Related Information: For more information on CSRF attacks and how to protect against them, please refer to SAP Note 1645861 - Cross-Site Request Forgery (CSRF) Protection in SAP Business Suite and SAP NetWeaver.





