← volver
CVE-2014-5171

CVE-2014-5171

EPSS 1.5%
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.htmlhttp://scn.sap.com/docs/DOC-8218http://seclists.org/fulldisclosure/2014/Jul/149https://service.sap.com/sap/support/notes/1963932http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021http://www.securityfocus.com/archive/1/532940/100/0/threadedhttp://www.securityfocus.com/bid/68947