Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NSap Cloud Connector
APPSap2.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2019-0247CRITICAL9.8ten sam produkt
SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the appl...
CVE-2019-0246CRITICAL9.8ten sam produkt
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities tha...
CVE-2024-25642HIGH7.4ten sam produkt
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the g...
CVE-2021-33692HIGH7.5ten sam produkt
SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked ...
CVE-2021-33693MEDIUM6.8ten sam produkt
SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to in...