Posted by Onapsis Research Labs on May 27

Onapsis Security Advisory ONAPSIS-2015-006: SAP HANA Information
Disclosure via SQL IMPORT FROM statement

1. Impact on Business
=====================

Under certain conditions some SAP HANA Database commands could be
abused by a remote authenticated attacker to access information which
is restricted.
This could be used to gain access to confidential information.

Risk Level: Medium

2. Advisory Information
=======================

– Public…