EUVD-2023-41373
Malicious code in bioql PyPI...
CVE-2024-33003
Some OCC API endpoints in SAP Commerce Cloud allow Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a Hi...
PT-2024-6173 · SAP · SAP Commerce Cloud
Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud (affected versions not specified)
Description: The issue is related to errors in processing information in the OCC API Endpoint component of SAP Commerce Cloud. This could allow a remote attacker to gain unauthorized access t...
CVE-2023-37486 Information Disclosure vulnerability in SAP Commerce (OCC API)
Under certain conditions, SAP Commerce OCC API endpoints (versions HYCOM 2105, HYCOM 2205, COMCLOUD 2211) allow an attacker to access information which would otherwise be restricted. On successful exploitation, there could be a high impact on confidentiality with no impact on integrity and...
CVE-2023-37486
Summary: CVE-2023-37486 corresponds to an information-disclosure issue in SAP Commerce (OCC API). The affected components are SAP Commerce Cloud/Hybris OCC API endpoints in versions HY_COM 2105, HY_COM 2205, and COM_CLOUD 2211. According to the provided documents, under certain conditions these endpoin...