The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote malicious users to bypass authentication via a brute force attack, aka SAP Security Note 2216869.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap hana |