CVE-2018-2402 in HANAinfo

Zusammenfassung

von MITRE

In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the required authorizations on the control system may be able to access the user credentials and gain unauthorized access to data in the captured or target system.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

SAP SE

Reservieren

15.12.2017

Veröffentlichung

14.03.2018

Moderieren

akzeptiert

Eintrag

VDB-114594

CPE

bereit

CWE

CWE-255 (bestätigt)

CVSS

8.4 (NVD)

EPSS

0.00271

KEV

nein

Aktivitäten

very low

Sektor

Lawfirm, Chemical, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-2402
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-2402
CVE Details	https://www.cvedetails.com/cve/CVE-2018-2402/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!