VYPR
High severity8.1NVD Advisory· Published Aug 5, 2016· Updated Jun 17, 2026

CVE-2016-6144

CVE-2016-6144

Description

The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," which makes it easier for remote attackers to bypass authentication via a brute force attack, aka SAP Security Note 2216869.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SAP/Hana2 versions
    cpe:2.3:a:sap:hana:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sap:hana:*:*:*:*:*:*:*:*range: <=1.00.73.00.389160
    • (no CPE)range: < Revision 102

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.