8.8
CVE-2026-0492
- EPSS 0.08%
- Veröffentlicht 13.01.2026 01:13:00
- Zuletzt bearbeitet 27.01.2026 20:18:16
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
Privilege escalation vulnerability in SAP HANA database
SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Hana Database Version2.00
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.226 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.