Authentication Bypass Vulnerability in SAP HANA Extended Application Services, Advanced Model (XS Advanced)

CVE-2019-0261 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).

Learn more about our User Device Pen Test.