11 matches found
VulnCheck KEV: CVE-2019-0344
SAP Commerce Cloud formerly known as Hybris contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection...
SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability
SAP Commerce Cloud formerly known as Hybris contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection...
CVE-2019-0344
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...
CVE-2019-0344
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...
Code injection
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...
CVE-2019-0344
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...
CVE-2019-0344
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...
CVE-2019-0344
CVE-2019-0344 affects SAP Commerce Cloud (Hybris) via unsafe deserialization in the virtualjdbc extension, impacting versions 6.4–6.7, 1808, 1811, 1905. This allows arbitrary code execution with Hybris user rights (Code Injection). Connected sources corroborate the vulnerability and its impact. R...
CVE-2019-0344
Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with ‘Hybris’ user rights, resulting in Code Injection. Recent assessments: Assessed Attacker Value: 0 Assess...
PT-2019-4194 · Sap · Sap Commerce Cloud
Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions 6.4 through 6.7, 1808, 1811, 1905 Description: The issue is related to unsafe deserialization used in the virtualjdbc extension of SAP Commerce Cloud, allowing for the execution of arbitrary code on a target machin...
SAP Hybris E-commerce Suite VirtualJDBC SQL Injection
Application: SAP Hybris E-commerce Vendor URL: SAP Bugs: SQL Injection Reported: 01.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 14.02.2016 Reference: SAP replied “Due to the fact that this issue is inside Hybris cloud we don’t provide a security note. Please mention inside your...