Vulnerabilities > SAP > Plant Connectivity > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-2827 Missing Authentication for Critical Function vulnerability in SAP Digital Manufacturing and Plant Connectivity
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing.
low complexity
sap CWE-306
5.7
2017-12-12 CVE-2017-16690 Untrusted Search Path vulnerability in SAP Plant Connectivity 15.0/2.3
A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0.
network
sap CWE-426
6.8