Vulnerability Details CVE-2019-0261
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/106986
- https://launchpad.support.sap.com/#/notes/2742027
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
- http://www.securityfocus.com/bid/106986
- https://launchpad.support.sap.com/#/notes/2742027
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
Products affected by CVE-2019-0261
-
cpe:2.3:a:sap:landscape_management:3.0