EUVD-2018-14352

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP HANA logs omit SELECT events in CREATE TABLE AS SELECT syntax, affecting audit accuracy.

Reporter	Title	Published	Views	Family All 4
CVE	CVE-2018-2497	11 Dec 201823:00	–	cve
Cvelist	CVE-2018-2497	11 Dec 201823:00	–	cvelist
NVD	CVE-2018-2497	11 Dec 201822:29	–	nvd
Prion	Code injection	11 Dec 201822:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "8009eb42-eef8-3ecd-87b8-dbf2d67a2347",
        "vendor": {
          "name": "SAP"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2e4cbf8d-fe0a-32c7-8916-90ac8b80d2d4",
        "product": {
          "name": "SAP HANA"
        },
        "product_version": "= 1.0"
      },
      {
        "id": "f760f412-5e2d-37fa-94fa-d304173bdb31",
        "product": {
          "name": "SAP HANA"
        },
        "product_version": "= 2.0"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
securityfocus	www.securityfocus.com/bid/106152
launchpad	www.launchpad.support.sap.com/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

3.8Low risk

Vulners AI Score3.8

CVSS 32.7

CVSS 24

EPSS0.00216