2 matches found
SAP Updates Two-Year-Old Patch for TREX Vulnerability
SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products, including the old NetWeaver application integration platform and the SAP HANA database. The flaw was originally found in 2015 and patched in SAP HANA...
CVE-2017-7691
The CVE-2017-7691 entry concerns a code-injection/remote code execution vulnerability in SAP TREX and the Business Warehouse Accelerator (BWA). The root cause described across sources is an insecure protocol/engine interaction within TREX that could be exploited to inject and execute code on the ...