Vulnerabilities > SAP > Contributor License Agreement Assistant > 2.4.5

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-15	CVE-2023-39438	Missing Authorization vulnerability in SAP Contributor License Agreement Assistant A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. network low complexity sap CWE-862	8.1
2022-06-06	CVE-2022-29617	Improper Handling of Exceptional Conditions vulnerability in SAP Contributor License Agreement Assistant Due to improper error handling an authenticated user can crash CLA assistant instance. network low complexity sap CWE-755	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.