Unrated severityNVD Advisory· Published Aug 13, 2024· Updated Aug 13, 2024
Information Disclosure Vulnerability in SAP Commerce Cloud
CVE-2024-33003
Description
Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: HY_COM 1808
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.