Dangerous bugs leave open doors to SAP HANA systems
The most serious software flaws ever have been found in SAP’s HANA platform, the in-memory database platform that underpins many of the German company’s products used by large companies.
Eight of the flaws are ranked critical, the highest severity rating, since attackers could use them to delete data, steal customer information and financial statements or change product pricing data.
“We found lot of stuff under the carpet,” said Mariano Nunez, CEO of Onapsis, a Boston-based security company that focuses on protecting SAP systems.
What is remarkable is that several of the 21 vulnerabilities found by Onapsis were remotely exploitable, meaning an attacker could gain access to HANA from afar over the Internet.