Posted by Onapsis Research Team on Sep 29

Onapsis Security Advisory 2015-018: SAP HANA SQL injection in
setTraceLevelsForXsApps function

1. Impact on Business
=====================

By exploiting this vulnerability an attacker could change configuration
settings in the HANA system, affecting the integrity of the data stored
and possibly turning the platform unavailable to other users, who won’t
be able to perform their assigned business operations.

Risk Level: Medium

2. Advisory…