Skip to main content

Supplier Relationship Management Mdm Catalog

2 CVEs product

Monthly

CVE-2018-2449 HIGH This Week

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft SAP Supplier Relationship Management Mdm Catalog
NVD
CVSS 3.0
8.6
EPSS
1.6%
CVE-2018-2448 MEDIUM This Month

Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Supplier Relationship Management Mdm Catalog
NVD
CVSS 3.0
5.3
EPSS
1.4%
EPSS 2% CVSS 8.6
HIGH This Week

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft SAP +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Supplier Relationship Management Mdm Catalog
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy