CVE-2014-2749

Опубликовано: 10 апр. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.

Ссылки

http://secunia.com/advisories/57443
Vendor Advisory
http://www.onapsis.com/get.php?resid=adv_onapsis-2014-001
http://www.onapsis.com/research-advisories.php
http://www.securityfocus.com/bid/66675
https://exchange.xforce.ibmcloud.com/vulnerabilities/92325
https://service.sap.com/sap/support/notes/1914778
http://secunia.com/advisories/57443
Vendor Advisory
http://www.onapsis.com/get.php?resid=adv_onapsis-2014-001
http://www.onapsis.com/research-advisories.php
http://www.securityfocus.com/bid/66675
https://exchange.xforce.ibmcloud.com/vulnerabilities/92325
https://service.sap.com/sap/support/notes/1914778

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:hana:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00516

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-3q9q-4xjv-8vc9

github

больше 3 лет назад