SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

SAP TREX
High

07/20/2016

SAP TREX Remote Directory Traversal

By exploiting this SAP TREX vulnerability, a remote unauthenticated attacker could access arbitrary business information from the SAP system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More

07/20/2016

SAP TREX Remote File Read

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP TREX
Medium

07/20/2016

SAP TREX TNS Information Disclosure in NameServer

By exploiting this SAP TREX vulnerability, an attacker could discover information relating to servers. This information could be used to allow the attacker to specialize their attacks. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you…

Read More
SAP HANA
High

07/20/2016

SAP HANA Arbitrary Audit Injection via HTTP Requests

By exploiting this SAP HANA vulnerability, an attacker could tamper the audit logs, hiding evidence of an attack to a HANA system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP HANA
Medium

07/20/2016

SAP HANA Get Topology Information Disclosure

By exploiting this SAP HANA vulnerability, a remote unauthenticated attacker could obtain technical information about the SAP HANA Platform that can be used to perform more complex attacks. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering,…

Read More
SAP HANA
Low

07/20/2016

SAP HANA Information Disclosure in EXPORT

By exploiting this SAP HANA vulnerability, an attacker could access business information indexed by the SAP system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More

07/20/2016

SAP HANA Password Disclosure

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More

07/20/2016

SAP HANA Potential Remote Code Execution

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More

07/20/2016

SAP HANA Potential Wrong Encryption

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
1617181920

Page 18 of 30