CVE-2023-39436

MEDIUM Year: 2023
CVSS v3 Score
5.8
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to specialize their attacks against SRM.

Related Vulnerabilities

CVE-2021-22784

MEDIUM
CVSS:5.7(Medium)

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the sys...

CWE-3062021

CVE-2023-25780

MEDIUM
CVSS:5.7(Medium)

It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify...

CWE-3062023

CVE-2023-2827

MEDIUM
CVSS:5.7(Medium)

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent ...

CWE-3062023

CVE-2018-16758

MEDIUM
CVSS:5.9(Medium)

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets.

CWE-3062018

CVE-2019-10886

MEDIUM
CVSS:5.9(Medium)

An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attack...

CWE-3062019