Vulnerabilities > SAP > Cloud Connector > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2021-33695 Improper Certificate Validation vulnerability in SAP Cloud Connector 2.0
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.
network
low complexity
sap CWE-295
critical
 9.1
9.1
2019-01-08 CVE-2019-0246 Missing Authentication for Critical Function vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity.
network
low complexity
sap CWE-306
critical
 9.8
9.8
2019-01-08 CVE-2019-0247 Code Injection vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application.
network
low complexity
sap CWE-94
critical
 9.8
9.8