Published: 27/10/2015 Updated: 10/12/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via an HTTP request, aka SAP Security Note 2197428.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap hana

[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption Application: SAP HANA Versions Affected: SAP HANA 100095 Vendor URL: SAPcom Bugs: Memory corruption, RCE Reported: 17072015 Vendor response: 18072015 Date of Public Adv ...

A buffer overflow vulnerability exists in SAP HANA interface If an attacker has a network access to the SQL interface or the SAP HANA Extended Application Services interface of an SAP HANA system, the vulnerability enables the attacker to inject code into the working memory that is subsequently executed by the application It can also be used to c ...

CWE-119 http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review http://packetstormsecurity.com/files/135416/SAP-HANA-hdbindexserver-Memory-Corruption.html http://seclists.org/fulldisclosure/2016/Jan/94 https://www.exploit-db.com/exploits/39382/http://www.securityfocus.com/archive/1/537376/100/0/threaded https://erpscan.io/advisories/erpscan-15-024-sap-hana-hdbindexserver-memory-corruption/https://nvd.nist.gov https://www.exploit-db.com/exploits/39382/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7986

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect