CVE-2015-3995
CVE-2015-3995 concerns SAP HANA DB 1.00.73.00.389160 (NewDB100_REL). A remote, authenticated user can read arbitrary files via an IMPORT FROM SQL statement due to an improper access control weakness. Onapsis’ advisory (linked to CVE-2015-3995) documents the vulnerability class as Improper Access ...