Vulnerabilities > SAP > Plant Connectivity
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-13 | CVE-2023-2827 | Missing Authentication for Critical Function vulnerability in SAP Digital Manufacturing and Plant Connectivity SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. | 5.7 |
2017-12-12 | CVE-2017-16690 | Untrusted Search Path vulnerability in SAP Plant Connectivity 15.0/2.3 A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. | 6.8 |
2015-11-24 | CVE-2015-8330 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Plant Connectivity The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619. | 7.8 |