Sap Identity Management — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Identity Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-0301 — CVSS 8.8 (high): Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST…
CVE-2020-6258 — CVSS 6.5 (medium): SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to…
CVE-2018-2416 — CVSS 5.4 (medium): SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.
CVE-2018-2417 — CVSS 5.3 (medium): Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would…