Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Hana Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2014-2749

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.

6.5AI Score

0.006EPSS

2014-04-10 08:55 PM
27
cve
cve

CVE-2015-7991

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854.

7AI Score

0.003EPSS

2015-11-10 05:59 PM
37
cve
cve

CVE-2018-2362

A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname.

5.3CVSS

5.3AI Score

0.002EPSS

2018-01-09 03:29 PM
25
cve
cve

CVE-2018-2369

Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker...

5.3CVSS

5.7AI Score

0.001EPSS

2018-02-14 12:29 PM
25