CVE-2015-1311
SAP HANA Extended Application Services - Remote Code Execution via ABAP Code Injection
Title source: llmDescription
The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, aka SAP Note 2098906. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://erpscan.io/press-center/blog/sap-critical-patch-update-january-2015/
Scores
EPSS
0.0170
EPSS Percentile
82.5%
Details
CWE
CWE-94
Status
published
Products (1)
sap/hana_extended_application_services
Published
Jan 22, 2015
Tracked Since
Feb 18, 2026