Vulnerabilities > SAP > Supplier Relationship Management MDM Catalog

DATE CVE VULNERABILITY TITLE RISK
2018-08-14 CVE-2018-2449 Improper Authentication vulnerability in SAP Supplier Relationship Management MDM Catalog 3.73/7.31/7.32
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user.
network
low complexity
sap CWE-287
7.5
2018-08-14 CVE-2018-2448 Unspecified vulnerability in SAP Supplier Relationship Management MDM Catalog 3.0/7.01/7.02
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.
network
low complexity
sap
5.0