PT-2016-6768 · Sap · Sap Hana Db

Nahuel Sanchez

Published

2016-09-26

Updated

2016-09-28

CVE-2016-6142

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions SAP HANA DB version 1.00.73.00.389160

Description The issue allows remote attackers to inject arbitrary audit trail fields into the SYSLOG via vectors related to the SQL protocol.

Recommendations For SAP HANA DB version 1.00.73.00.389160, update to a version that addresses this issue, as specified in SAP Security Note 2197459.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-6142

Affected Products

Sap Hana Db

PT-2016-6768 · Sap · Sap Hana Db

CVE-2016-6142

Related Identifiers

Affected Products

References · 6