← voltar
CVE-2014-5171

CVE-2014-5171

EPSS 1.5%
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.htmlhttp://scn.sap.com/docs/DOC-8218http://seclists.org/fulldisclosure/2014/Jul/149https://service.sap.com/sap/support/notes/1963932http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021http://www.securityfocus.com/archive/1/532940/100/0/threadedhttp://www.securityfocus.com/bid/68947