Vulnerabilities > SAP > Commerce Hycom

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-37486 Unspecified vulnerability in SAP Commerce Cloud and Commerce Hycom
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted.
network
low complexity
sap
7.5
2023-08-08 CVE-2023-39439 Unspecified vulnerability in SAP Commerce Cloud and Commerce Hycom
SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase.
network
low complexity
sap
critical
9.8