SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-06-13T02:36:18.158Z
Updated: 2024-08-02T06:33:05.830Z
Reserved: 2023-05-22T06:34:19.652Z
Link: CVE-2023-2827
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-13T03:15:09.223
Modified: 2023-06-26T14:08:41.080
Link: CVE-2023-2827
Redhat
No data.