Описание
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
Связанные уязвимости
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application.
Уязвимость реализации прикладного программного интерфейса Omni Commerce Connect (OCC) платформ электронной коммерции SAP Commerce Cloud и SAP Hybris Commerce, позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации
EPSS
5.9 Medium
CVSS3
7.5 High
CVSS3