CVE-2019-0266

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking information is increased.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:hana_extended_application_services:1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:16

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/106988 - Third Party Advisory () http://www.securityfocus.com/bid/106988 - Third Party Advisory
References () https://launchpad.support.sap.com/#/notes/2724713 - Permissions Required, Vendor Advisory () https://launchpad.support.sap.com/#/notes/2724713 - Permissions Required, Vendor Advisory
References () https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943 - Vendor Advisory () https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943 - Vendor Advisory

Information

Published : 2019-02-15 18:29

Updated : 2024-11-21 04:16


NVD link : CVE-2019-0266

Mitre link : CVE-2019-0266

CVE.ORG link : CVE-2019-0266


JSON object : View

Products Affected

sap

  • hana_extended_application_services
CWE
CWE-532

Insertion of Sensitive Information into Log File