← Back

Supplier Relationship Management Mdm Catalog

supplier_relationship_management_mdm_catalog

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-2449
1Sap
1Supplier Relationship Management Mdm Catalog
Nov 21, 2024
Aug 14, 2018
N/A· v4
8.6 HIGH· v3
7.5 HIGH· v2
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on w...Show more
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.Show less
CVE-2018-2448
1Sap
1Supplier Relationship Management Mdm Catalog
Nov 21, 2024
Aug 14, 2018
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.