Application: SAP HANA
Versions Affected: SAP HANA 1.00.095
Vendor URL: http://www.sap.com
Vendor response: 29.09.2015
Date of Public Advisory: 12.01.2016
Reference: SAP Security Note 2241978
Author: Mathieu Geli (ERPScan)
Impact: Resource consumption
Remotely Exploitable: Yes
Locally Exploitable: No
CVSS Base Score: 5.0 / 10
CVSS Base Vector:
|AV : Access Vector (Related exploit range)||Network (N)|
|AC : Access Complexity (Required attack complexity)||Low (L)|
|Au : Authentication (Level of authentication needed to exploit)||None (N)|
|C : Impact to Confidentiality||None (N)|
|I : Impact to Integrity||Partial (P)|
|A : Impact to Availability||None (N)|
An unauthenticated attacker might be able to create specially crafted HTTP requests to SAP HANA Extended Application Services Classic debug function.
In addition, specially crafted HTTP requests can consume the available memory buffers and lead to a crash of the XS process. The XS process will be restarted automatically by the SAP HANA system.
Existing data cannot be changed or read by this vulnerability.
SAP HANA 1.00.095
Other versions are probably affected too, but they were not checked.
SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2241978
Anonymous attacker can use a special HTTP request to perform a DoS attack to affect SAP HANA Security.
To prevent this issue as well as a plethora of other vulnerabilities that may affect your systems, ERPScan provides the following services: