cvelist/2018/2xxx/CVE-2018-2369.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cna@sap.com",
      "ID" : "CVE-2018-2369",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "SAP HANA",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_affected" : "=",
                                 "version_value" : "1.00"
                              },
                              {
                                 "version_affected" : "=",
                                 "version_value" : "2.00"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "SAP SE"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker cannot influence or predict the location of the leaked memory."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Information Disclosure"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/",
            "refsource" : "CONFIRM",
            "url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
         },
         {
            "name" : "https://launchpad.support.sap.com/#/notes/2572940",
            "refsource" : "CONFIRM",
            "url" : "https://launchpad.support.sap.com/#/notes/2572940"
         },
         {
            "name" : "102997",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/102997"
         }
      ]
   }
}
- Synchronized data. 2017-12-15 05:03:06 -05:00			`{`
			`"CVE_data_meta" : {`
- Added submission from SAP from 2018-02-13. 2018-02-14 06:33:39 -05:00			`"ASSIGNER" : "cna@sap.com",`
- Synchronized data. 2017-12-15 05:03:06 -05:00			`"ID" : "CVE-2018-2369",`
- Added submission from SAP from 2018-02-13. 2018-02-14 06:33:39 -05:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "SAP HANA",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_affected" : "=",`
			`"version_value" : "1.00"`
			`},`
			`{`
			`"version_affected" : "=",`
			`"version_value" : "2.00"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "SAP SE"`
			`}`
			`]`
			`}`
- Synchronized data. 2017-12-15 05:03:06 -05:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Added submission from SAP from 2018-02-13. 2018-02-14 06:33:39 -05:00			`"value" : "Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker cannot influence or predict the location of the leaked memory."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Information Disclosure"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/",`
			`"refsource" : "CONFIRM",`
- Added submission from SAP from 2018-02-13. 2018-02-14 06:33:39 -05:00			`"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://launchpad.support.sap.com/#/notes/2572940",`
			`"refsource" : "CONFIRM",`
- Added submission from SAP from 2018-02-13. 2018-02-14 06:33:39 -05:00			`"url" : "https://launchpad.support.sap.com/#/notes/2572940"`
- Synchronized data. 2018-02-15 06:04:25 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "102997",`
			`"refsource" : "BID",`
- Synchronized data. 2018-02-15 06:04:25 -05:00			`"url" : "http://www.securityfocus.com/bid/102997"`
- Synchronized data. 2017-12-15 05:03:06 -05:00			`}`
			`]`
			`}`
			`}`