Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-022: SAP HANA SQL injection in
getSqlTraceConfiguration function
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could read sensitive
business information stored in the HANA system and change configuration
parameters which could render the system unavailable for other users.
Risk Level: High
2. Advisory Information
=======================
– Public Release Date:…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-023: SAP HANA Drop Credentials SQL
injection
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could modify system
settings and delete credentials which could affect other users in the
HANA system, engaging into a DoS attack.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
– Security Advisory…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-009: SAP HANA hdbsql Multiple Memory
Corruption Vulnerabilities
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could abuse of management
interfaces to execute commands on the HANA system and ultimately
compromise all the information stored and processed by the system.
Risk Level: High
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
-…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-015: SAP HANA SQL injection in
_modifyUser function
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could modify information
related to users of the HANA system, affecting the integrity of the data
stored.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
– Security Advisory ID:…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-016: SAP HANA SQL injection in _newUser
function
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could modify information
related to users of the HANA system, affecting the integrity of the data
stored.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
– Security Advisory ID: ONAPSIS-2015-016
-…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-017: SAP HANA XSJS Code Injection in
test-net.xsjs
1. Impact on Business
=====================
By exploiting this vulnerability a remote authenticated attacker would
be able to
partially compromise the SAP system as well as all the information
processed and stored in the HANA system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
-…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-018: SAP HANA SQL injection in
setTraceLevelsForXsApps function
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could change configuration
settings in the HANA system, affecting the integrity of the data stored
and possibly turning the platform unavailable to other users, who won’t
be able to perform their assigned business operations.
Risk Level: Medium
2. Advisory…
Posted by Onapsis Research Team on Sep 29
Onapsis Security Advisory 2015-019: SAP HANA XSS in role deletion
through Web-based development workbench
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could steal sensitive
business information by targeting other users connected to the HANA
system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
– Security Advisory ID:…
Panda Security is proud to announce the appointment of Santiago Mayoralas as Chief Financial Officer for the company. In his new post, Santiago will be responsible for managing financial matters for Panda Security, which currently has a presence in more than 80 countries.
Santiago Mayoralas has a degree in Business Administration and Management from the Autonomous University of Madrid and a Master in Financial Management from the IE Business School. He also has extensive experience in technology companies, both engineering and consulting, where he has performed various functions within their finance departments.
Before joining Panda Security, Santiago Mayoralas headed the finance department of Prosegur in Colombia. He has also held various financial roles in companies like Altran, Alten and KPN Spain.
“The incorporation of Santiago certainly makes us stronger and better. The talent and the value that he has demonstrated throughout his career assures us of his ability to lead and manage us in tackling the present and future challenges that face our project, “says Diego Navarrete, CEO of Panda Security.
“Being part of a company with over 25 years of renowned excellence like Panda, which is technologically cutting-edge and that has a clear commitment to the Cloud, Big Data, mobility and the Internet of Things is certainly very exciting. Contributing to their future success is a professional challenge that I face with enthusiasm,” said Santiago Mayoralas.
You can download the photo here.
The post Santiago Mayoralas, Panda Security’s new Chief Financial Officer appeared first on MediaCenter Panda Security.
