Vulnerabilities > SAP > Commerce Hycom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2023-37486 | Information Exposure Through Caching vulnerability in SAP Commerce Cloud and Commerce Hycom Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. | 7.5 |
| 2023-08-08 | CVE-2023-39439 | Empty Password in Configuration File vulnerability in SAP Commerce Cloud and Commerce Hycom SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase. | 9.8 |