CVE-2018-2497

Summary

The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT.

Affected Software

VendorProductVersion RangeStatus
SAPSAP HANA= 1.0affected
SAPSAP HANA= 2.0affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References