CNNVD-202511-1303 Information

CNNVD ID

CNNVD-202511-1303

Related CVE

CVE-2025-42885

• CNNVD Published: 2025-11-11

Description (Chinese)

SAP HANA是德国思爱普（SAP）公司的一套高性能的实时数据分析平台。该平台提供数据查询功能，支持用户对查询实时业务数据进行查询和分析。 SAP HANA 2.0版本存在访问控制错误漏洞，该漏洞源于缺少身份验证，可能导致信息泄露。

Description (English)

SAP HANA is a high-performance real-time data analysis platform for SAP Germany. The platform provides data queries to support users in searching and analysing real-time operational data. Version SAP HANA 2.0 contains a bug in access control, which stems from a lack of authentication and may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

思爱普

Published

2025-11-11

Last Modified

2026-02-24

References

https://me.sap.com/notes/3639264 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42885

Patch

https://url.sap/sapsecuritypatchday