2 matches found
CVE-2023-37486
Summary : CVE-2023-37486 corresponds to an information-disclosure issue in SAP Commerce (OCC API). The affected components are SAP Commerce Cloud/Hybris with OCC API endpoints HY_COM 2105, HY_COM 2205, and COM_CLOUD 2211. According to the provided documents, under certain conditions these endpoin...
CVE-2023-39439
CVE-2023-39439 affects SAP Commerce Cloud. The provided connected documents confirm an empty passphrase is accepted for user ID and passphrase authentication, enabling login without a passphrase. Affected product is SAP Commerce Cloud; the underlying issue is authentication accepting an empty pas...