Hana Security Vulnerabilities and Issues — Hana CVE List

Lucene search

SapHana

5 matches found

CVE•added 2015/11/10 5:59 p.m.•49 views

CVE-2015-7991

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854.

5CVSS7AI score0.00211EPSS

CVE•added 2015/11/10 5:59 p.m.•48 views

CVE-2015-7993

The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397.

7.5CVSS7.9AI score0.00413EPSS

CVE•added 2015/11/10 5:59 p.m.•41 views

CVE-2015-7994

The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.

7.5CVSS8.4AI score0.01815EPSS

CVE•added 2015/11/10 5:59 p.m.•35 views

CVE-2015-7992

SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RULE_SET stored procedure, aka SAP Security Note 2175928.

4CVSS6.4AI score0.0038EPSS

CVE•added 2015/11/10 5:59 p.m.•32 views

CVE-2015-7828

SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (7) fput, (8) fdel, (9) fmove, (10) ...

10CVSS8.3AI score0.03556EPSS