Skip to main content

Identity Management

4 CVEs product

Monthly

CVE-2020-6258 MEDIUM This Month

SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Identity Management
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2019-0301 HIGH This Week

Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Identity Management
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-2417 MEDIUM This Month

Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Identity Management
NVD
CVSS 3.0
5.3
EPSS
1.4%
CVE-2018-2416 MEDIUM This Month

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Identity Management
NVD
CVSS 3.0
5.4
EPSS
1.5%
EPSS 1% CVSS 6.5
MEDIUM This Month

SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Identity Management
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Identity Management
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Identity Management
NVD
EPSS 2% CVSS 5.4
MEDIUM This Month

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Identity Management
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy