All 12 CVE vulnerabilities found in SAP Commerce Cloud, with AI-generated Chinese analysis, references, and POCs.
This page catalogs common weakness enumerations associated with SAP Commerce Cloud, a widely used e-commerce platform. It aggregates security vulnerabilities affecting this specific product, focusing on flaws that may lead to unauthorized access, data exposure, or service disruption within the SAP ecosystem. The content collected here spans a comprehensive historical range, capturing vulnerabilities reported from the platform’s inception through recent updates, ensuring that both legacy and modern deployment scenarios are represented. This dataset is designed to provide a clear, consolidated view of the security landscape for SAP Commerce Cloud, rather than offering fragmented or isolated reports. Readers can use this resource to track vendor advisories related to the product, helping them stay informed about official patches and mitigation strategies released by SAP. Additionally, the page allows users to understand the nature of specific weakness classes, such as injection flaws or broken access control, as they apply to this commerce solution. Users can also look up a product’s vulnerability history, reviewing past incidents to assess long-term security trends and identify recurring patterns in software defects. By presenting this information in a structured manner, the page supports security teams in risk assessment, compliance verification, and proactive remediation efforts. The goal is to facilitate informed decision-making for administrators and developers who rely on SAP Commerce Cloud for their business operations, providing them with the necessary context to prioritize security updates and configure systems securely against known threats.
Vendor: SAP SE
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24321 | Information Disclosure vulnerability in SAP Commerce Cloud CWE-359 | 5.3 | Medium | 2026-02-10 |
| CVE-2026-23684 | Race condition vulnerability in SAP Commerce Cloud CWE-366 | 5.9 | Medium | 2026-02-10 |
| CVE-2025-42906 | Directory Traversal vulnerability in SAP Commerce Cloud CWE-22 | 5.3 | Medium | 2025-10-14 |
| CVE-2025-27435 | Information Disclosure Vulnerability in SAP Commerce Cloud CWE-862 | 4.2 | Medium | 2025-04-08 |
| CVE-2024-47577 | Information Disclosure vulnerability in SAP Commerce Cloud CWE-319 | 2.7 | Low | 2024-12-10 |
| CVE-2024-33003 | Information Disclosure Vulnerability in SAP Commerce Cloud CWE-200 | 7.4 | High | 2024-08-13 |
| CVE-2023-42481 | Improper Access Control vulnerability in SAP Commerce Cloud CWE-640 | 8.1 | High | 2023-12-12 |
| CVE-2021-33666 | SAP Commerce Cloud 跨站脚本漏洞 | 6.1 | - | 2021-06-09 |
| CVE-2021-21445 | SAP Commerce Cloud 环境问题漏洞 | 5.4 | - | 2021-01-12 |
| CVE-2020-26809 | SAP Commerce Cloud 授权问题漏洞 | 5.3 | - | 2020-11-10 |
| CVE-2020-6363 | SAP Commerce Cloud 代码问题漏洞 | 6.3 | - | 2020-10-15 |
| CVE-2020-6272 | SAP 跨站脚本漏洞 | 4.8 | - | 2020-10-15 |
All 12 known CVE vulnerabilities affecting SAP Commerce Cloud with full Chinese analysis, references, and POCs where available.