SAP HANA Extended Application Services (advanced model) User Enumeration Vulnerability

SAP HANA Extended Application Services (advanced model) User Enumeration Vulnerability

CVE-2019-0306 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

SAP HANA Extended Application Services (advanced model), version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names.

Learn more about our User Device Pen Test.