Vulnerabilities

CVE-2016-6144

by Fred · 05/08/2016

The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote attackers to bypass authentication via a brute force attack, aka SAP Security Note 2216869.

Date published : 2016-08-05

http://www.securityfocus.com/bid/92065

http://seclists.org/fulldisclosure/2016/Aug/91

Similar

Tags: Cybersecurity Alert