← Back

CVE-2016-6150

nvd nist
Published: Aug 5, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.

Affected (1)

Products: Sap: Hana
Sap
1 product
Hana
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Hana
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Technical DescriptionThird Party Advisory
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory

Timeline

No history available yet.