CVE-2024-33003 – Information Disclosure Vulnerability in SAP Commerce Cloud
https://notcve.org/view.php?id=CVE-2024-33003
Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application. • https://me.sap.com/notes/3459935 https://url.sap/sapsecuritypatchday • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-42481 – Improper Access Control vulnerability in SAP Commerce Cloud
https://notcve.org/view.php?id=CVE-2023-42481
In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user account again and re-gain access if SAP Commerce Cloud - Composable Storefront is used as storefront, due to weak access controls in place. This leads to a considerable impact on confidentiality and integrity. En SAP Commerce Cloud - versiones HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, un usuario B2B bloqueado puede hacer un mal uso de la funcionalidad de contraseña olvidada para desbloquear su cuenta de usuario nuevamente y volver a obtener acceso si SAP Commerce Cloud - Composable Storefront se utiliza como escaparate, debido a los débiles controles de acceso implementados. Esto tiene un impacto considerable en la confidencialidad y la integridad. • https://me.sap.com/notes/3394567 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-284: Improper Access Control CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVE-2023-37486 – Information Disclosure vulnerability in SAP Commerce (OCC API)
https://notcve.org/view.php?id=CVE-2023-37486
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application. • https://me.sap.com/notes/3341934 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-524: Use of Cache Containing Sensitive Information •
CVE-2023-39439 – SAP Commerce accepts empty passphrases.
https://notcve.org/view.php?id=CVE-2023-39439
SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase. • https://me.sap.com/notes/3346500 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-258: Empty Password in Configuration File CWE-1390: Weak Authentication •
CVE-2021-33666
https://notcve.org/view.php?id=CVE-2021-33666
When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware proliferation. Cuando SAP Commerce Cloud versión 100 aloja un escaparate de JavaScript, es vulnerable al rastreo de MIME, que, en determinadas circunstancias, podría usarse para facilitar un ataque de tipo XSS o la proliferación de malware • https://launchpad.support.sap.com/#/notes/2985562 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=578125999 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •