asked on
SAP HANA vulnerability threat report.
The user self-service tools of SAP HANA contain some vulnerabilities and in order to prevent it , we have to update the systems or desactivate the the self-service tool.
In order to to determine wheather the the self-service tool is activated or not, we need to SQL the HANA database and query the folowing:
SELECT NAME, STATUS FROM "_SYS_XS"."SQL_CONNECTIONS
'sap.hana.xs.selfService.u
However it is not specified what result to expect if the tool is active, or not. The behaviors that I have so far on different systems are sligtly different.
Sometimes after the query, nothing happen. You go to the the next line. At times you are prompt for a username, others receive the following error:
Password:=*-10709 Connect Failed (No reachable host left).
I would like to know what result to expect when executing above query when self-user tool is active and vise versa.
Thank you all for the help
In order to to determine wheather the the self-service tool is activated or not, we need to SQL the HANA database and query the folowing:
SELECT NAME, STATUS FROM "_SYS_XS"."SQL_CONNECTIONS
'sap.hana.xs.selfService.u
However it is not specified what result to expect if the tool is active, or not. The behaviors that I have so far on different systems are sligtly different.
Sometimes after the query, nothing happen. You go to the the next line. At times you are prompt for a username, others receive the following error:
Password:=*-10709 Connect Failed (No reachable host left).
I would like to know what result to expect when executing above query when self-user tool is active and vise versa.
Thank you all for the help
VulnerabilitiesSecurity
Last Comment
btan
Probably expected result is list of active connections of that type.
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a questionI started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck