Vulnerabilities > SAP > Point OF Sale Xpress Server

DATE CVE VULNERABILITY TITLE RISK
2017-10-16 CVE-2017-15295 Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030
Xpress Server in SAP POS does not require authentication for read/write/delete file access.
network
low complexity
sap CWE-287
critical
10.0
2017-10-16 CVE-2017-15293 Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials.
network
low complexity
sap CWE-287
critical
10.0