Vulnerabilities > SAP > Supplier Relationship Management MDM Catalog
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-14 | CVE-2018-2449 | Improper Authentication vulnerability in SAP Supplier Relationship Management MDM Catalog 3.73/7.31/7.32 SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. | 7.5 |
2018-08-14 | CVE-2018-2448 | Unspecified vulnerability in SAP Supplier Relationship Management MDM Catalog 3.0/7.01/7.02 Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. | 5.0 |