Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Disclosure_management
(Sap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-04-10 | CVE-2018-2403 | Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to. | Disclosure_management | 6.5 | ||
| 2018-04-10 | CVE-2018-2413 | SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | Disclosure_management | 8.8 | ||
| 2018-04-10 | CVE-2018-2412 | SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | Disclosure_management | 8.8 | ||
| 2018-04-10 | CVE-2018-2404 | SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation. | Disclosure_management | 9.8 | ||
| 2019-02-15 | CVE-2019-0258 | SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | Disclosure_management | 8.8 | ||
| 2019-02-15 | CVE-2019-0254 | SAP Disclosure Management (before version 10.1 Stack 1301) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | Disclosure_management | 5.4 |