Hana@- Security Vulnerabilities and Issues — Hana@- CVE List

Lucene search

SapHana-

5 matches found

CVE•added 2016/04/14 2:59 p.m.•42 views

CVE-2016-4017

The Data Provisioning Agent (aka DP Agent) in SAP HANA allows remote attackers to cause a denial of service (process crash) via unspecified vectors, aka SAP Security Note 2262710.

7.5CVSS7.3AI score0.00499EPSS

CVE•added 2016/01/20 4:59 p.m.•38 views

CVE-2016-1929

The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, related to an unspecified debug function, aka SAP Security Note 2241978.

9.3CVSS8.6AI score0.01328EPSS

CVE•added 2016/08/05 2:59 p.m.•36 views

CVE-2016-6150

The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.

9.8CVSS9.8AI score0.0175EPSS

CVE•added 2016/01/20 4:59 p.m.•35 views

CVE-2016-1928

Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978.

9.8CVSS9.6AI score0.37328EPSS

CVE•added 2016/04/14 2:59 p.m.•34 views

CVE-2016-4018

The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and conduct unspecified other attacks via unspecified vectors, aka SAP Security Note 2262742.

7.5CVSS7.2AI score0.00408EPSS