Vulnerabilities > SAP > Cloud Connector > 2.11

DATE CVE VULNERABILITY TITLE RISK
2019-01-08 CVE-2019-0247 Code Injection vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application.
network
low complexity
sap CWE-94
critical
 9.8
9.8
2019-01-08 CVE-2019-0246 Missing Authentication for Critical Function vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity.
network
low complexity
sap CWE-306
critical
 9.8
9.8