VYPR

ENABLE_NOW_CONSUMP_DEL

by SAP

CVEs (3)

  • CVE-2023-36920MedOct 30, 2023
    risk 0.40cvss 6.1epss 0.00

    In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or…

  • CVE-2023-36918MedJul 11, 2023
    risk 0.40cvss 6.1epss 0.00

    In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header is not implemented, allowing an unauthenticated attacker to trigger MIME type sniffing, which leads to Cross-Site…

  • CVE-2023-36919MedJul 11, 2023
    risk 0.34cvss 5.3epss 0.00

    In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not implemented, allowing an unauthenticated attacker to obtain referrer details, resulting in information disclosure.