SAP Commerce Hycom
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in SAP Commerce Hycom.
By the Year
In 2026 there have been 0 vulnerabilities in SAP Commerce Hycom. Commerce Hycom did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 8.65 |
It may take a day or so for new Commerce Hycom vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Commerce Hycom Security Vulnerabilities
SAP Commerce Cloud Auth Bypass via Empty Passphrase
CVE-2023-39439
9.8 - Critical
- August 08, 2023
SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase.
Empty Password in Configuration File
SAP Commerce OCC API Unauthorized Info Disclosure in HY_COM/COM_CLOUD
CVE-2023-37486
7.5 - High
- August 08, 2023
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application.
Use of Cache Containing Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP Commerce Hycom or by SAP? Click the Watch button to subscribe.
