cvedb.io
CVE-2017-8914
HIGH · CVSS 8.3
EPSS exploitation probability: 0%
Published 2017-05-23T04:29:02.290 · Last modified 2026-06-17T01:27:11.540

Summary

sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694.

Affected products

sap — hana_xs

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.