Vulnerability Details CVE-2019-0266
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking information is increased.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/106988
- https://launchpad.support.sap.com/#/notes/2724713
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
- http://www.securityfocus.com/bid/106988
- https://launchpad.support.sap.com/#/notes/2724713
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
Products affected by CVE-2019-0266
-
cpe:2.3:a:sap:hana_extended_application_services:1.0