Description
SAP HANA database allows an attacker to prevent legitimate users from accessing a service by crashing the service.
Some well-known impacts of Denial of Service vulnerability are –
- long response delays and service interruptions, thus degrading the service quality experienced by legitimate users
- direct impact on availability
Available fix and Supported packages
- HDB | 1.00 | 1.00
- HDB | 2.00 | 2.00
- SAP HANA DATABASE 1.00 | SP122 | 000026
- SAP HANA DATABASE 2.0 | SP024 | 000010
- SAP HANA DATABASE 2.0 | SP037 | 000002
- SAP HANA DATABASE 2.0 | SP040 | 000000
Affected component
- HAN-DB
SAP HANA Database
CVSS
Score: 7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2798243