SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous user, due to Missing Authorization Check. This affects confidentiality of secure media.Referenceshttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202https://launchpad.support.sap.com/#/notes/2888556
