56 matches found
CVE-2021-33693
SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution...
CVE-2021-33694
SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting...
CVE-2021-33692
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...
EUVD-2019-1020
Malware in sbrugna...
EUVD-2019-1019
Malware in sbrugna...
EUVD-2021-20371
Malware in sbrugna...
EUVD-2021-20372
Malware in sbrugna...
EUVD-2021-20369
Malware in sbrugna...
EUVD-2021-20370
Malware in sbrugna...
EUVD-2023-53531
Malicious code in bioql PyPI...
EUVD-2024-22958
Malicious code in bioql PyPI...
CVE-2025-42955 Missing authorization check in SAP Cloud Connector
Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...
SAP Cloud Connector 安全漏洞
SAP Cloud Connector is a tool from SAP, Germany, used to establish a secure connection between local systems and SAP Cloud Platform. A security vulnerability exists in SAP Cloud Connector that stems from a lack of authorization checks and could lead to degraded service performance...
CVE-2023-49578
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the availability and no impact on confidentiality or Integrity of the application...
CVE-2021-33695
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate...
CVE-2024-25642
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...
SAP Cloud Connector 2.16.1 Missing Validation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Tolerating Self-Signed Certificates product: SAP® Cloud Connector vulnerable version: 2.15.0 - 2.16.1 Portable and Installer fixed version: 2.16.2 Portable and Installer...
SAP Cloud Connector Trust Management Issues Vulnerability (CNVD-2024-10198)
SAP Cloud Connector is a tool from SAP Germany for establishing a secure connection between local systems and SAP Cloud Platform. A trust management issue vulnerability exists in SAP Cloud Connector version 2.0, which stems from incorrect certificate validation, and can be exploited by an attacke...
CVE-2024-25642
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...
Input validation
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...