Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP HANA
(SAP HANA)
Описание
The system privilege DATA ADMIN is a powerful privilege. It authorizes a user to read all
data in system views, as well as to execute all data definition language (DDL) commands in
the SAP HANA database. Only the users SYSTEM and _SYS_REPO users have this privilege
by default.
No user or role in a production system should have this privilege.
You can verify whether a user or role has the DATA ADMIN privilege by executing the statement:
SELECT * FROM EFFECTIVE_PRIVILEGE_GRANTEES WHERE OBJECT_TYPE
= 'SYSTEMPRIVILEGE' AND PRIVILEGE = 'DATA ADMIN' AND GRANTEE
NOT IN ('SYSTEM','_SYS_REPO');
data in system views, as well as to execute all data definition language (DDL) commands in
the SAP HANA database. Only the users SYSTEM and _SYS_REPO users have this privilege
by default.
No user or role in a production system should have this privilege.
You can verify whether a user or role has the DATA ADMIN privilege by executing the statement:
SELECT * FROM EFFECTIVE_PRIVILEGE_GRANTEES WHERE OBJECT_TYPE
= 'SYSTEMPRIVILEGE' AND PRIVILEGE = 'DATA ADMIN' AND GRANTEE
NOT IN ('SYSTEM','_SYS_REPO');
Как исправить
Ссылки