SAML Token Manipulation Vulnerability in SAP HANA Database
CVE-2021-21474

6.5MEDIUM

Key Information:

Vendor: SAP
Status: SAP Hana Database
Vendor: CVE Published:; 9 February 2021

Summary

The SAP HANA Database is vulnerable due to its acceptance of SAML tokens signed with MD5 digest. An attacker who secures an MD5-signed SAML Assertion can modify it without invalidating the digital signature. This manipulation could allow the attacker to impersonate a legitimate user within the SAP HANA environment, granting unauthorized access to confidential database content.

Affected Version(s)

SAP HANA Database < 1.0 < 1.0

SAP HANA Database < 2.0 < 2.0

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2992154

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2021
Vulnerability Reserved
Dec 30, 2020