QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1929

Published: Jan 20, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, related to an unspecified debug function, aka SAP Security Note 2241978.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://erpscan.io/advisories/erpscan-16-002-sap-hana-log-injection-and-no-size-restriction/

x_refsource_MISC

https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/

x_refsource_MISC

20160415 [ERPSCAN-16-002] SAP HANA - log injection and no size restriction

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.