Sap: >> Master Data Governance Security Vulnerabilities
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-12-12
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check.
CVSS Score
5.4
EPSS Score
0.001
Published
2020-05-12