CVE-2016-6150
First published: Fri Aug 05 2016(Updated: )
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP HANA |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/138453/SAP-HANA-DB-Encryption-Issue.html
- http://seclists.org/fulldisclosure/2016/Aug/96
- http://www.securityfocus.com/bid/92064
- https://layersevensecurity.com/wp-content/uploads/2016/02/Layer-Seven-Security_SAP-Security-Notes_January-2016.pdf
- https://www.onapsis.com/research/security-advisories/sap-hana-potential-wrong-encryption
- collector/nvd-index
- agent/author
- agent/severity
- agent/type
- agent/event
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap hana