CVE-2018-2362

Description

A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname.

Affected products

• SAP_SE / SAP HANA1.00 – 1.00
• SAP_SE / SAP HANA2.00 – 2.00

References

• MISChttps://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
• MISChttps://launchpad.support.sap.com/#/notes/2575750
• MISChttp://www.securityfocus.com/bid/102452