Commerce Cloud Security Vulnerabilities and Issues — Commerce Cloud CVE List

Lucene search

SapCommerce Cloud

2 matches found

CVE•added 2020/04/14 7:15 p.m.•42 views

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.

9.3CVSS9AI score0.00408EPSS

CVE•added 2020/04/14 7:15 p.m.•36 views

CVE-2020-6232

SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous user, due to Missing Authorization Check. This affects confidentiality of secure media.

5.3CVSS5.3AI score0.00248EPSS