CVE-2019-0277

Name of the Vulnerable Software and Affected Versions SAP HANA Extended Application Services version 1, advanced

Description The issue is related to errors in processing XML documents. It may allow a remote attacker to access protected information or cause a denial of service using a specially crafted XML file. The problem is due to insufficient validation of an XML document accepted from an authenticated developer with privileges to the SAP space, which is related to an XML External Entity vulnerability.

Recommendations For SAP HANA Extended Application Services version 1, advanced, consider restricting access to the XML processing functionality until a proper fix is applied, and ensure that all XML documents are thoroughly validated before processing to minimize the risk of exploitation.