SAP HANA User Account Enumeration Vulnerability
CVE-2017-16687 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid.
Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.