Sap Process Integration vulnerabilities
3 known vulnerabilities affecting sap/process_integration.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-26814MEDIUMCVSS 4.9v1.02020-11-10
CVE-2020-26814 [MEDIUM] CVE-2020-26814: SAP Process Integration (PGP Module - Business-to-Business Add On), version - 1.0, allows an attacke
SAP Process Integration (PGP Module - Business-to-Business Add On), version - 1.0, allows an attacker to read PGP Keys under certain conditions in the PGP Module of Business-to-Business Add-On, these keys can then be used to read messages processed by the module leading to Information Disclosure.
nvd
CVE-2020-6305MEDIUMCVSS 6.1v7.31v7.40+1 more2020-01-14
CVE-2020-6305 [MEDIUM] CWE-79 CVE-2020-6305: PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not s
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
nvd
CVE-2019-0379MEDIUMCVSS 5.3v1.0v2.02019-10-08
CVE-2019-0379 [MEDIUM] CWE-306 CVE-2019-0379: SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentica
SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not perform authentication check properly when the default security provider is changed to BouncyCastle (BC), leading to Missing Authentication Check
nvd