CVE-2020-26834

MEDIUM

SAP HANA Database 2.0 - Auth Bypass

Title source: llm

Description

SAP HANA Database, version 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username of the user for whom the SAML bearer token was issued.

References (2)

Core References
Permissions Required x_refsource_misc
https://launchpad.support.sap.com/#/notes/2978768

Scores

CVSS v3 5.4
EPSS 0.0016
EPSS Percentile 36.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-287
Status published
Products (1)
sap/hana_database 2.00
Published Dec 09, 2020
Tracked Since Feb 18, 2026