Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2749

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2749
Last Modified 24 Apr 2014 01:06:31
Published 10 Apr 2014 04:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2749

Summary

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.

Vulnerable Systems

Application

  • Sap Hana -


References

MISC - https://service.sap.com/sap/support/notes/1914778

BID - 66675

MISC - http://www.onapsis.com/research-advisories.php

MISC - http://www.onapsis.com/get.php?resid=adv_onapsis-2014-001

SECUNIA - 57443

XF - sap-hana-icm-info-disc(92325)


Last Updated: 27 May 2016 11:04:54