Weak Encryption in SAP HANA XS Leads to Data Exposure Risks
CVE-2014-5171

Currently unrated

Key Information:

Vendor

SAP
Status
Hana Extend Application Services
Vendor
CVE Published:
31 July 2014

What is CVE-2014-5171?

SAP HANA Extend Application Services (XS) is susceptible to a vulnerability whereby transmission encryption is absent during form-based authentication. This flaw permits remote attackers to intercept credentials and confidential information by monitoring network traffic. Without secure transmission, sensitive data exchanged between users and the application is at risk, potentially leading to unauthorized access and data breaches. Proper implementation of encryption protocols is crucial to safeguard against such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.onapsis.com/resources/get.php?resid=adv_onapsi...
x_refsource_MISC
https://service.sap.com/sap/support/notes/1963932
x_refsource_CONFIRM
http://www.securityfocus.com/bid/68947
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.