The Log injection vulnerability (CVE-2017-16687) impacts SAP HANA XS classic user self-service and features a CVSS Base Score of 5.3. By exploiting the flaw, an attacker could inject arbitrary data in the audit log. By flooding it with a large amount of …

Read full article here..

  • http://www.securityweek.com/sap-becomes-cve-numbering-authority