CVE-2016-4018

Published: Apr 14, 2016Modified: May 6, 2026

7.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Exploitability: 3.9 / Impact: 3.4

Source: NVD

Description

The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and conduct unspecified other attacks via unspecified vectors, aka SAP Security Note 2262742.

Affected (1)

Products: Sap: Hana

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Hana	All versions

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/

Source: cve@mitre.org

https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.