Описание
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.9 High
CVSS3
5.7 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.
Уязвимость компонентов SAP Plant Connectivity и Production Connector программного обеспечения для управления производственными операциями и производственными процессами SAP Digital Manufacturing, позволяющая нарушителю выполнить произвольный код
EPSS
7.9 High
CVSS3
5.7 Medium
CVSS3