- SAP Community
- Questions about SAP Websites
- SAP HANA XS Advanced Java Runtime
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
SAP HANA XS Advanced Java Runtime
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 2016 Jul 18 10:14 AM
- SAP Managed Tags:
- Support Services
Our customer found the following article:
SAP_F17T1_13
SAP HANA XS Advanced Java Runtime
HIGH
7.3
Deserialization of untrusted data in SAP HANA XS Advanced Java Runtime
SAP HANA XS Advanced Java Runtime uses a version of Apache Commons Collections, which deserializes untrusted data without sufficiently verifying that resulting data will be valid. This weakness may lead to remote command execution or denial of service vulnerability.
2252191
12.04.2016
I've checked on SAP Support and the prerequisites to install the relative patche is "This SAP Note is only applicable in case you are using SAP HANA XS Advanced Java Runtime with Apache Tomee."
May I ask ho to check the prerequisite on the SAP-HANA Nodes or Application Server ?
Need more details?
Request clarification before answering.
Accepted Solutions (0)
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.