SAML Authentication Vulnerability in SAP HANA Database 2.0
CVE-2020-26834
4.2MEDIUM
What is CVE-2020-26834?
SAP HANA Database version 2.0 contains an authentication issue where the application fails to properly validate usernames during SAML bearer token-based user authentication. This vulnerability enables attackers to manipulate a legitimate SAML bearer token and authenticate as a user whose full name matches the truncated username in the token, potentially leading to unauthorized access to sensitive resources within the database.
Affected Version(s)
SAP HANA Database < 2.0