CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sap: >> Commerce Cloud >> 2105 Security Vulnerabilities

CVE-2024-33003

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.

CVSS Score

7.4

EPSS Score

0.002

Published

2024-08-13

Page 1

Vulnerabilities

Vulnerable Software

Sap: >> Commerce Cloud >> 2105 Security Vulnerabilities

Products

Pricing

Contact Us