CVE-2018-2373
published 2018-02-14CVE-2018-2373: Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver…
high7.5CVSS 3.0
AVNACLPRNUINSUCHINAN
Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | hana_extended_application_services | — | — |
| sap_se | sap_hana_extended_application_services | — | — |