VYPR

Commerce Cloud (virtualjdbc extension)

by SAP

CVEs (1)

  • CVE-2019-0344KEVAug 14, 2019
    risk 0.15cvss epss 0.07

    Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection.