CVE-2018-2465

Description

SAP HANA (versions 1.0 and 2.0) Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash.

Affected products

• SAP / SAP HANA= 1.0 – = 1.0
• SAP / SAP HANA= 2.0 – = 2.0

References

• MISChttp://www.securityfocus.com/bid/105324
• MISChttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993
• MISChttps://launchpad.support.sap.com/#/notes/2681207