Every CVE whose affected-product data names Sap Commerce Hycom, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-39439 — CVSS 8.8 (high): SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without…
CVE-2023-37486 — CVSS 5.9 (medium): Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access…