N/A

SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintain sessions with a user. These sessions are established after the user has authenticated with username/passphrase credentials. The user can change their own passphrase, but this does not invalidate active sessions that the user may have with SAP Commerce Cloud web applications, which gives an attacker the opportunity to reuse old session credentials, resulting in Insufficient Session Expiration.

N/A

N/A

SAP Commerce Cloud 代码问题漏洞

SAP Commerce Cloud是德国思爱普（SAP）公司的一个电商云平台。该平台提供企业级电商业务支持。 SAP Commerce Cloud 存在安全漏洞，目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

N/A

N/A