By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.
Please fill out the form to download the security advisory.
Further Reading
SAP BEx -Denial of Service and Arbitrary Favorites Modification/Deletion
SAP BEx -Denial of Service and Arbitrary Favorites Modification/Deletion Impact on Business An authenticated attacker can cause a denial-of-service condition for other users, preventing them from accessing the system via the SAP GUI. Additionally, the attacker can modify or delete user-specific favorite nodes, leading to operational disruption and loss of convenience features for the affected…
Denial of Service and Arbitrary Favorites Modification/Deletion
Denial of Service and Arbitrary Favorites Modification/Deletion Impact on Business An authenticated attacker can cause a denial-of-service condition for other users, preventing them from accessing the system via the SAP GUI. Additionally, the attacker can modify or delete user-specific favorite nodes, leading to operational disruption and loss of convenience features for the affected business users….
Open Redirect in SAP HANA XSA UAA Server
Open Redirect in SAP HANA XSA UAA Server Impact on Business The open redirect vulnerability allows remote attackers to redirect users to arbitrary sites and conduct phishing attacks. The phishers may then steal victim’s credentials or other important data that can be used in other exploitation chains. This has limited impact on the confidentiality, integrity and availability of the…