SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous user, due to Missing Authorization Check. This affects confidentiality of secure media.

Related CVEs

CVE-2020-6232

Key Information

GHSA ID

GHSA-g7xw-pf29-g7fm

Published

May 24, 2022 5:14 PM

Last Modified

May 24, 2022 5:14 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 25, 2025 8:46 PM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.