Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Feb 27, 2025
SAP Commerce accepts empty passphrases.
CVE-2023-39439
Description
SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase.
Affected products
2- Range: HY_COM 2105
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.