Skip links

SAML 2.0 possible XML signature wrapping attack, SAP security note 1756978


Messages sent and received by the SAML 2.0 Service Provider can be manipulated by a malicious user to allow them to perform unauthorised actions on behalf of another user, thereby generally circumventing the integrity protection provided by the service.

Available fix and Supported packages

  • HDB | 1.00 | 1.00
  • SAP HANA DATABASE 1.00 | SP036 | 000036

Affected component

    SAP HANA Database


Score: 0


Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.




How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies