Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2020-6258
- EPSS 0.17%
- Published 12.05.2020 18:15:14
- Last modified 21.11.2024 05:35:23
SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check.
8.8
CVE-2019-0301
- EPSS 0.33%
- Published 14.05.2019 21:29:01
- Last modified 21.11.2024 04:16:39
Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for viewing.
5.5
CVE-2018-2416
- EPSS 0.75%
- Published 09.05.2018 20:29:00
- Last modified 21.11.2024 04:03:46
SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.
5.3
CVE-2018-2417
- EPSS 0.25%
- Published 09.05.2018 20:29:00
- Last modified 21.11.2024 04:03:46
Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted.
1