Remote Code Injection Vulnerability in SAP HANA by SAP
CVE-2015-1311

Currently unrated

Key Information:

Vendor
SAP
Status
Hana Extend Application Services
Vendor
CVE Published:
22 January 2015

Summary

The Extended Application Services (XS) component in SAP HANA is susceptible to remote code injection, allowing unauthorized individuals to introduce and execute arbitrary ABAP code. This vulnerability arises from unidentified vectors, raising concerns over the security of applications relying on SAP HANA. It is crucial for organizations utilizing affected versions to apply necessary patches as indicated by SAP Note 2098906 to mitigate potential exploitation.

References

https://erpscan.io/press-center/blog/sap-critical-patch-u...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.