Application: SAP HANA
Versions Affected: SAP HANA 1.00.095
Vendor URL: http://www.sap.com
Vendor response: 29.09.2015
Date of Public Advisory: 12.01.2016
Reference: SAP Security Note 2241978
Author: Mathieu Geli (ERPScan)
VULNERABILITY INFORMATIONClass: DoS
Impact: Resource consumption
Remotely Exploitable: Yes
Locally Exploitable: No
CVSS Base Score: 5.0 / 10
CVSS Base Vector:
|AV : Access Vector (Related exploit range)||Network (N)|
|AC : Access Complexity (Required attack complexity)||Low (L)|
|Au : Authentication (Level of authentication needed to exploit)||None (N)|
|C : Impact to Confidentiality||None (N)|
|I : Impact to Integrity||Partial (P)|
|A : Impact to Availability||None (N)|
Technical descriptionAn unauthenticated attacker might be able to create specially crafted HTTP requests to SAP HANA Extended Application Services Classic debug function.
In addition, specially crafted HTTP requests can consume the available memory buffers and lead to a crash of the XS process. The XS process will be restarted automatically by the SAP HANA system.
Existing data cannot be changed or read by this vulnerability.
VULNERABLE PACKAGESSAP HANA 1.00.095
Other versions are probably affected too, but they were not checked.
SOLUTIONS AND WORKAROUNDSTo correct this vulnerability, install SAP Security Note 2241978
DescriptionAnonymous attacker can use a special HTTP request to perform a DoS attack to affect SAP HANA Security.
To prevent this issue as well as a plethora of other vulnerabilities that may affect your systems, ERPScan provides the following services: