← Back

Master Data Governance

master_data_governance

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-49058
1Sap
1Master Data Governance
Nov 21, 2024
Dec 12, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed throu...Show more
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality. Show less
CVE-2020-6256
1Sap
1Master Data Governance
Nov 21, 2024
May 12, 2020
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check.