VYPR
Medium severity5.3NVD Advisory· Published Dec 12, 2017· Updated Jun 17, 2026

CVE-2017-16687

CVE-2017-16687

Description

The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • SAP/Hana Database3 versions
    cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*
    • (no CPE)range: 1.00 and 2.00
  • 1.00 and 2.00+ 1 more
    • (no CPE)range: 1.00 and 2.00
    • (no CPE)range: SAP HANA Database 1.00, 2.00

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.