SAP HANA XS Advanced Credential Leakage Vulnerability

SAP HANA XS Advanced Credential Leakage Vulnerability

CVE-2019-0266 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking information is increased.

Learn more about our User Device Pen Test.