Vulnerability Details CVE-2024-41733
In SAP Commerce, valid user accounts can be
identified during the customer registration and login processes. This allows a
potential attacker to learn if a given e-mail is used for an account, but does
not grant access to any customer data beyond this knowledge. The attacker must
already know the e-mail that they wish to test for. The impact on
confidentiality therefore is low and no impact to integrity or availability
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.7%
CVSS Severity
CVSS v3 Score 5.3