CVE-2024-33003 - SAP Commerce Cloud OCC API Insufficient Data in URL Parameters Information Disclosure and Data Leaking
CVE ID : CVE-2024-33003 Published : Aug. 13, 2024, 4:15 a.m. | 1 hour, 44 minutes ago Description : Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-33003
Published : Aug. 13, 2024, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Aug. 13, 2024, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
