Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer
AnalysisAI
SAP HANA Cockpit and HANA Database Explorer leak sensitive information to authenticated network users due to improper credential storage mechanisms (CWE-522). An authenticated attacker with network access can retrieve confidential data without requiring elevated privileges or user interaction. This vulnerability affects all versions of SAP HANA Cockpit and HANA Database Explorer; patch availability and active exploitation status are not confirmed from available data.
Technical ContextAI
The vulnerability resides in SAP HANA Cockpit and HANA Database Explorer, administrative and monitoring tools for SAP HANA database instances. CWE-522 (Insufficiently Protected Credentials) indicates that sensitive credentials or configuration data are stored or transmitted without adequate security controls-likely in plaintext, weakly encrypted, or in predictable locations accessible to authenticated users. The affected products are network-accessible components (AV:N per CVSS) that maintain authentication credentials for backend HANA database connections. This suggests the vulnerability may involve credential caching, session storage, or configuration file exposure accessible through the web interface or API endpoints.
RemediationAI
Organizations must review SAP Note 3730639 (https://me.sap.com/notes/3730639) and SAP Security Patch Day (https://url.sap/sapsecuritypatchday) for vendor-issued patches and recommended fixes specific to their HANA Cockpit and HANA Database Explorer installations. Pending patch deployment, restrict network access to HANA Cockpit and HANA Database Explorer to trusted administrative users and segments, enforce strong authentication (multi-factor if supported), and monitor access logs for unauthorized credential retrieval attempts. Do not store or cache sensitive credentials in plaintext; ensure all configuration files containing database connection credentials are protected with file-level access controls and encryption.
Same weakness CWE-522 – Insufficiently Protected Credentials
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22173
GHSA-rvmc-gf2q-j9mw