The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, aka SAP Note 2098906. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
7.5AI Score
0.006EPSS
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the...
7.3AI Score
0.003EPSS
SAP HANA Extend Application Services (XS) allows remote attackers to bypass access restrictions via a request to a private IU5 SDK application that was once...
7.5AI Score
0.005EPSS