CVE-2024-41733
Vulnerability Description
In SAP Commerce, valid user accounts can be
identified during the customer registration and login processes. This allows a
potential attacker to learn if a given e-mail is used for an account, but does
not grant access to any customer data beyond this knowledge. The attacker must
already know the e-mail that they wish to test for. The impact on
confidentiality therefore is low and no impact to integrity or availability
identified during the customer registration and login processes. This allows a
potential attacker to learn if a given e-mail is used for an account, but does
not grant access to any customer data beyond this knowledge. The attacker must
already know the e-mail that they wish to test for. The impact on
confidentiality therefore is low and no impact to integrity or availability
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!