Vulnerabilities > SAP > Disclosure Management > 10.1

DATE CVE VULNERABILITY TITLE RISK
2018-04-10 CVE-2018-2412 Missing Authorization vulnerability in SAP Disclosure Management 10.1
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
8.8
8.8
2018-04-10 CVE-2018-2404 Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1
SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation.
network
low complexity
sap CWE-434
critical
 9.8
9.8
2018-04-10 CVE-2018-2403 Unspecified vulnerability in SAP Disclosure Management 10.1
Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted.
network
low complexity
sap
6.5
6.5