← Back

Process Integration

process_integration

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-6305
1Sap
1Process Integration
Nov 21, 2024
Jan 14, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
CVE-2019-0379
1Sap
1Process Integration
Nov 21, 2024
Oct 8, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authenticatio...Show more
SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication CheckShow less