Sap Se Sap Identity Management vulnerabilities

CVE-2026-0504 [LOW] CWE-943 CVE-2026-0504: Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticat Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. This may lead to limited disclosure or modification of data, resulting in low impact on confidentiality and in

CVE-2020-6258 [MEDIUM] CWE-862 CVE-2020-6258: SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authent SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to Missing Authorization Check.

CVE-2018-2417 [MEDIUM] CVE-2018-2417: Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted.