Latest sap hana database Vulnerabilities

CVE-2023-40309
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depend...
SAP CommonCryptoLib=8.0.0
SAP Content Server=6.50
SAP Content Server=7.53
SAP Content Server=7.54
Sap Extended Application Services And Runtime=1.0
SAP HANA Database=2.0
and 41 more
CVE-2023-40308
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component ...
SAP CommonCryptoLib=8.0.0
SAP Content Server=6.50
SAP Content Server=7.53
SAP Content Server=7.54
Sap Extended Application Services And Runtime=1.0
SAP HANA Database=2.0
and 41 more
CVE-2021-21474
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamp...
SAP HANA Database=1.00
SAP HANA Database=2.00
CVE-2020-26834
SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token ...
SAP HANA Database=2.00
CVE-2019-0350
SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service
SAP HANA Database=1.00
SAP HANA Database=2.00
CVE-2018-2424
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software c...
SAP HANA Database=1.00
SAP HANA Database=2.00
Sap Ui=2.0
SAP UI=7.40
SAP UI=7.50
SAP UI=7.51
and 6 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203