PT-2018-15496 · Sap · Sap Hana

Published

2018-01-09

Updated

2020-08-24

CVE-2018-2362

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP HANA versions 1.00 through 2.00

Description A remote unauthenticated attacker could send specially crafted SOAP requests to the SAP Startup Service, potentially disclosing sensitive information such as the platform's hostname.

Recommendations For SAP HANA versions 1.00 through 2.00, consider restricting access to the SAP Startup Service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-2362

Affected Products

Sap Hana

PT-2018-15496 · Sap · Sap Hana

CVE-2018-2362

Related Identifiers

Affected Products

References · 5