Vulnerabilities > SAP > Cloud Connector > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-25642 | Improper Certificate Validation vulnerability in SAP Cloud Connector 2.0 Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. | 7.4 |
| 2021-09-15 | CVE-2021-33693 | Code Injection vulnerability in SAP Cloud Connector 2.0 SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution. | 7.7 |
| 2019-01-08 | CVE-2019-0247 | Code Injection vulnerability in SAP Cloud Connector SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. | 7.5 |
| 2019-01-08 | CVE-2019-0246 | Missing Authentication for Critical Function vulnerability in SAP Cloud Connector SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity. | 7.5 |