Identity Management Security Vulnerabilities and Issues — Identity Management CVE List

Lucene search

SapIdentity Management

4 matches found

CVE•added 2020/05/12 6:15 p.m.•46 views

CVE-2020-6258

SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check.

6.5CVSS6.2AI score0.00171EPSS

CVE•added 2019/05/14 9:29 p.m.•35 views

CVE-2019-0301

Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for viewing.

8.8CVSS8.6AI score0.00352EPSS

CVE•added 2018/05/09 8:29 p.m.•27 views

CVE-2018-2417

Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted.

5.3CVSS5.1AI score0.00247EPSS

CVE•added 2018/05/09 8:29 p.m.•24 views

CVE-2018-2416

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.

5.5CVSS5.6AI score0.00748EPSS