CVE-2019-0261

EUVD-2019-1034
Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
saplandscape_management
3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/106986
https://launchpad.support.sap.com/#/notes/2742027
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
http://www.securityfocus.com/bid/106986
https://launchpad.support.sap.com/#/notes/2742027
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943