Vulnerabilities > SAP > Contributor License Agreement Assistant

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-39438 Missing Authorization vulnerability in SAP Contributor License Agreement Assistant
A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps.
network
low complexity
sap CWE-862
8.1
2022-06-06 CVE-2022-29617 Improper Handling of Exceptional Conditions vulnerability in SAP Contributor License Agreement Assistant
Due to improper error handling an authenticated user can crash CLA assistant instance.
network
low complexity
sap CWE-755
6.5