CVE-2016-3639

Published: Sep 26, 2016Modified: May 6, 2026

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128.

Affected (1)

Products: Sap: Hana Db

Sap

1 product

Hana Db

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Hana Db	Version 1.00.091.00.1418659308

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure

Source: cve@mitre.org

Permissions RequiredThird Party Advisory

http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html

Source: cve@mitre.org

Third Party Advisory

http://seclists.org/fulldisclosure/2016/Aug/83

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/92547

Source: cve@mitre.org

Third Party Advisory

http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2016/Aug/83

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/92547

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.