SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization...
6.5CVSS
6.2AI Score
0.001EPSS
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user...
8.8CVSS
8.6AI Score
0.001EPSS
Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for...
8.8CVSS
8.6AI Score
0.001EPSS
SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted...
5.4CVSS
5.6AI Score
0.004EPSS
Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be...
5.3CVSS
5.1AI Score
0.001EPSS
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user...
9.8CVSS
9.6AI Score
0.005EPSS