First published: Fri Feb 15 2019(Updated: )
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP Landscape Management | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-0261.
The severity of CVE-2019-0261 is critical with a severity value of 9.8.
The SAP Landscape Management software version 3.0 is affected by CVE-2019-0261.
To fix CVE-2019-0261, update SAP HANA Extended Application Services advanced model (XS advanced) to version 1.0.97 to 1.0.99.
More information about CVE-2019-0261 can be found at the following references: [1] http://www.securityfocus.com/bid/106986 [2] https://launchpad.support.sap.com/#/notes/2742027 [3] https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943