SAP Hana Extend Application Services
By the Year
In 2024 there have been 0 vulnerabilities in SAP Hana Extend Application Services . Hana Extend Application Services did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 8 | 7.03 |
It may take a day or so for new Hana Extend Application Services vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Hana Extend Application Services Security Vulnerabilities
A plain keystore password is written to a system log file in SAP HANA Extended Application Services, 1.0
CVE-2018-2372
6.5 - Medium
- February 14, 2018
A plain keystore password is written to a system log file in SAP HANA Extended Application Services, 1.0, which could endanger confidentiality of SSL communication.
Insertion of Sensitive Information into Log File
Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements
CVE-2018-2373
7.5 - High
- February 14, 2018
Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0.
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within
CVE-2018-2374
6.5 - Medium
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space.
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within
CVE-2018-2375
8.1 - High
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within
CVE-2018-2376
8.1 - High
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.
In SAP HANA Extended Application Services
CVE-2018-2377
6.5 - Medium
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users.
In SAP HANA Extended Application Services, 1.0, unauthorized users
CVE-2018-2378
6.5 - Medium
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, unauthorized users can read statistical data about deployed applications including resource consumption.
In SAP HANA Extended Application Services
CVE-2018-2379
6.5 - Medium
- February 14, 2018
In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint.
Generation of Error Message Containing Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP Hana Extended Application Services or by SAP? Click the Watch button to subscribe.
