Hana@- Security Vulnerabilities and Issues — Hana@- CVE List

Lucene search

SapHana-

4 matches found

CVE•added 2014/07/31 2:55 p.m.•42 views

CVE-2014-5172

Multiple cross-site scripting (XSS) vulnerabilities in the XS Administration Tools in SAP HANA allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.0053EPSS

CVE•added 2014/04/10 8:55 p.m.•38 views

CVE-2014-2749

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.

5CVSS6.5AI score0.00516EPSS

CVE•added 2014/11/04 3:55 p.m.•38 views

CVE-2014-8587

SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.

7.5CVSS6.8AI score0.00585EPSS

CVE•added 2014/10/16 7:55 p.m.•37 views

CVE-2014-8313

Eval injection in ide/core/base/server/net.xsjs in the Developer Workbench in SAP HANA allows remote attackers to execute arbitrary XSJX code via unspecified vectors.

6CVSS8AI score0.00795EPSS