Vulnerabilities > SAP > Hana > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-10 | CVE-2019-0357 | Unspecified vulnerability in SAP Hana 1.0/2.0 The administrator of SAP HANA database, before versions 1.0 and 2.0, can misuse HANA to execute commands with operating system "root" privileges. | 6.7 |
| 2019-04-10 | CVE-2019-0284 | XXE vulnerability in SAP Hana 1.0/2.0 SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML document accepted from an untrusted source. | 6.0 |
| 2018-02-14 | CVE-2018-2369 | Unspecified vulnerability in SAP Hana 1.00/2.00 Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. | 5.3 |
| 2018-01-09 | CVE-2018-2362 | Unspecified vulnerability in SAP Hana 1.00/2.00 A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname. | 5.3 |