SAP has rushed out a patch for its TREX search engine, after security researchers found bugs in a 2015 patch.
TREX is a search engine used in several SAP products, including its HANA database and its venerable NetWeaver application and integration platform.
According to ERPScan, SAP thought it had patched the code injection vulnerability in December 2015.
ORIGINAL SOURCE: The Register
from SAP’s TREX exposed HANA, NetWeaver