The Onapsis Research Lab delivers regular SAP security advisories and vulnerability research to our eco-system of customers, partners and the information security industry

Onapsis security advisories enable customers to better understand the security and business implications of discovered SAP security issues. This enables you to prioritize patches and updates and their remediation strategies to ensure continuity of your business. Onapsis security advisories, together with vendor patches and security notes, are available for download to provide vendors and end-users with the information to mitigate advanced threats to mission-critical applications running on SAP.

07/20/2016

By exploiting this vulnerability, an attacker could tamper the audit logs, hiding evidence of an attack to a HANA system.

07/20/2016

By exploiting this vulnerability, a remote unauthenticated attacker could access arbitrary business information from the SAP system.

07/20/2016

By exploiting this vulnerability, an attacker could access business information indexed by the SAP system.

07/20/2016

By exploiting this vulnerability, a remote unauthenticated attacker could access arbitrary business information from the SAP system.

07/20/2016

By exploiting this vulnerability, a remote unauthenticated attacker could receive high privilleges on the HANA system with unrestricted access to any business information.

07/20/2016

By exploiting this vulnerability, a remote unauthenticated attacker could access arbitrary business information from the SAP system.

07/20/2016

By exploiting this vulnerability, an unauthenticated attacker could access and modify any information indexed by the SAP system.

07/20/2016

By exploiting this vulnerability, a remote attacker may obtain clear-text passwords of SAP HANA users and get critical information.

07/20/2016

By exploiting this vulnerability, an unauthenticated attacker could access and modify any information indexed by the SAP system.

07/20/2016

By exploiting this vulnerability an unauthenticated attacker could modify any information indexed by the SAP system.

Pages