CVE-2026-0504

Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. This may lead to limited disclosure or modification...

CVE-2026-0504 Insufficient Input Handling in JNDI Operations of SAP Identity Management

Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. This may lead to limited disclosure or modification...

SAP Identity Management 安全漏洞

SAP Identity Management is a suite of identity management applications from SAP Germany that can be embedded into business processes. A security vulnerability exists in SAP Identity Management that stems from insufficient input processing and could cause an authenticated administrator to submit a...

CVE-2020-6258

SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check...

SAP Identity Management XML External Entity Injection Vulnerability

SAP Identity Management is a suite of identity management applications from SAP that can be embedded into business processes. A security vulnerability exists in SAP Identity Management version 8.0, which arises from the program's failure to validate an XML document from an untrusted source. An...