Information Disclosure Vulnerability in SAP HANA Database
CVE-2016-3639
4.3MEDIUM
Summary
The vulnerability in SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to gain unauthorized access to sensitive system topology information through specific HTTP requests. This flaw may expose critical operational insights, enabling attackers to plan further exploitations. Organizations using this version must implement protective measures and consult SAP Security Note 2176128 for guidance on mitigating risks.
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved