Sap: >> Supplier Relationship Management Mdm Catalog Security Vulnerabilities
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-08-14
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.
CVSS Score
8.6
EPSS Score
0.013
Published
2018-08-14