Sap hana Extended Application Services Information Leakage Vulnerability
Release date:
Updated on: 2014-08-02
Affected Systems:
Sap hana Extended Application Services
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-5171
Sap hana Extended Application Services (XS) is the development environment for Web applications in the Application server, Web server, and sap hana System.
Sap hana Extend Application Services (XS) does not encrypt Application transmission, which allows remote attackers to obtain creden。 and other information.
<* Source: Sergio Abraham
Link: http://seclists.org/fulldisclosure/2014/Jul/153
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
SAP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://service.sap.com/sap/support/notes/1963932
This article permanently updates the link address: