177 matches found
CVE-2019-0363
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to overload the server or retrieve information about internal network ports...
CVE-2019-0363
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to overload the server or retrieve information about internal network ports...
CVE-2019-0364
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to enumerate open ports...
CVE-2019-0363
CVE-2019-0363 affects SAP HANA Extended Application Services (Advanced model). An HTTP/REST endpoint may be misused before version 1.0.118 to overload the SAP HANA server or to reveal information about internal network ports. This describes a network-based issue in the HTTP/REST interface with a ...
SAP HANA Extended Application Services External Entity Injection Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
CVE-2019-1876
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services WAAS Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could...
Cisco Wide Area Application Services (WAAS) HTTPS Proxy Authentication Bypass Vulnerability
Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An authentication bypass vulnerability exists in the HTTP...
SAP HANA Extended Application Services Information Disclosure Vulnerability (CNVD-2019-34744)
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
Design/Logic Flaw
SAP HANA Extended Application Services advanced model, version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names...
CVE-2019-0306
SAP HANA Extended Application Services advanced model, version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names...
The vulnerability of the SAP HANA Extended Application Services application development tool in the SAP Landscape Management automation system allows a perpetrator to execute arbitrary code.
The vulnerability of the SAP HANA Extended Application Services application development tool in the SAP Landscape Management automation system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a special...
The vulnerability of the SAP HANA Extended Application Services development tool lies in the fact that the recording of user credentials in a trace file allows an attacker to access protected information.
The vulnerability of the SAP HANA Extended Application Services development tool lies in the process of recording user credentials in a trace file. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to protected information...
CVE-2019-0277
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML document accepted from an authenticated developer with privileges to the SAP space XML External Entity vulnerability...
CVE-2019-0266
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model XS advanced writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking information is increased...
CVE-2019-0261
Under certain circumstances, SAP HANA Extended Application Services, advanced model XS advanced does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 running on SAP HANA 1 or SAP HANA 2 SPS0 second S stands for stack...
CVE-2019-0266
The CVE-2019-0266 entry pertains to SAP HANA Extended Application Services (XS advanced) 1.0, where under certain conditions credentials of platform users are written to a SAP HANA system trace file. The root cause is that sensitive credentials are logged in a trace file, increasing the risk of i...
SAP HANA Extended Application Service Information Disclosure Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
CVE-2018-2465
SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...
CVE-2018-2465
SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...
SAP HANA Extended Application Services Information Disclosure Vulnerability (CNVD-2019-09633)
SAP HANA is a high-performance real-time data analytics platform from SAP, which provides data query functions that allow users to directly query and analyze a large amount of real-time business data.Extended Application Services XS is a development environment for application servers, Web server...