Vulnerabilities > SAP > Cloud Connector > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-13 CVE-2024-25642 Improper Certificate Validation vulnerability in SAP Cloud Connector 2.0
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication.
network
high complexity
sap CWE-295
7.4
2021-09-15 CVE-2021-33693 Code Injection vulnerability in SAP Cloud Connector 2.0
SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution.
low complexity
sap CWE-94
7.7
2019-01-08 CVE-2019-0247 Code Injection vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application.
network
low complexity
sap CWE-94
7.5
2019-01-08 CVE-2019-0246 Missing Authentication for Critical Function vulnerability in SAP Cloud Connector
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity.
network
low complexity
sap CWE-306
7.5