Vulnerability Details CVE-2014-2749
The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/57443
- http://www.onapsis.com/get.php?resid=adv_onapsis-2014-001
- http://www.onapsis.com/research-advisories.php
- http://www.securityfocus.com/bid/66675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92325
- https://service.sap.com/sap/support/notes/1914778
- http://secunia.com/advisories/57443
- http://www.onapsis.com/get.php?resid=adv_onapsis-2014-001
- http://www.onapsis.com/research-advisories.php
- http://www.securityfocus.com/bid/66675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92325
- https://service.sap.com/sap/support/notes/1914778