Supplier Relationship Management Mdm Catalog Security Vulnerabilities and Issues — Supplier Relationship Management Mdm Catalog CVE List

Lucene search

SapSupplier Relationship Management Mdm Catalog

2 matches found

CVE•added 2018/08/14 4:29 p.m.•39 views

CVE-2018-2449

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.

8.6CVSS8.7AI score0.01304EPSS

CVE•added 2018/08/14 4:29 p.m.•33 views

CVE-2018-2448

Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.

5.3CVSS5.1AI score0.00247EPSS