SAP HANA vulnerability threat report.

The user self-service tools of SAP HANA contain some vulnerabilities and in order to prevent it , we have to update the systems or desactivate the the self-service tool.

In order to to determine wheather the the self-service tool is activated or not, we need to SQL the HANA database and query the folowing:
SELECT NAME, STATUS FROM "_SYS_XS"."SQL_CONNECTIONS" WHERE NAME =
'sap.hana.xs.selfService.user::selfService'

However it is not specified what result to expect if the tool is active, or not. The behaviors that I have so far on different systems are sligtly different.
Sometimes after the query, nothing happen. You go to the the next line. At times you are prompt for a username, others receive the following error:
Password:=*-10709  Connect Failed (No reachable host left).

I would like to know what result to expect when executing above query when self-user tool is active and vise versa.
Thank  you all for the help
Maniman manTechnology ConsultantAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
Probably expected result is list of active connections of that type.
0
btanExec ConsultantCommented:
You may check on and from SQL it isblikely to return the user created and its status state. The security note from SAP should hace more info.

https://www.linkedin.com/pulse/critical-security-flaw-sap-hana-user-self-service-tools-alper-somuncu

You can check from the web access as stated in the article.

To activate the tool you need admin privileges and config files are updated if enabled https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.00/en-US/7874f65641db4a81b7e99e30e807f866.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Vulnerabilities

From novice to tech pro — start learning today.