CVE-2018-2373

Name of the Vulnerable Software and Affected Versions SAP HANA Extended Application Services version 1.0

Description The issue allows unauthenticated users to misuse a specific endpoint of the Controller's API to execute SQL statements, potentially delivering information about system configuration.

Recommendations For SAP HANA Extended Application Services version 1.0, consider restricting access to the vulnerable API endpoint until a patch is available. As a temporary workaround, avoid using the endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.