VYPR
Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Feb 27, 2025

SAP Commerce accepts empty passphrases.

CVE-2023-39439

Description

SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.