Vulnerability-Lookup

CVE-2025-26662 (GCVE-0-2025-26662)

Vulnerability from cvelistv5 – Published: 2025-05-13 00:09 – Updated: 2025-11-07 05:03

Title

Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console

Summary

The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.

Severity ?

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation

Assigner

sap

References

URL

Tags

	https://me.sap.com/notes/3558755
	https://url.sap/sapsecuritypatchday

Impacted products

	Vendor	Product	Version
	SAP_SE	SAP Data Services Management Console	Affected: SBOP DS JOB SERVER 4.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26662",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-13T14:06:41.113446Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-13T14:06:48.738Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP Data Services Management Console",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "SBOP DS JOB SERVER 4.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.\u003c/p\u003e"
            }
          ],
          "value": "The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-07T05:03:29.249Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/3558755"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2025-26662",
    "datePublished": "2025-05-13T00:09:05.682Z",
    "dateReserved": "2025-02-12T21:05:31.736Z",
    "dateUpdated": "2025-11-07T05:03:29.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-26662\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-13T14:06:41.113446Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-13T14:06:44.912Z\"}}], \"cna\": {\"title\": \"Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SAP_SE\", \"product\": \"SAP Data Services Management Console\", \"versions\": [{\"status\": \"affected\", \"version\": \"SBOP DS JOB SERVER 4.3\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://me.sap.com/notes/3558755\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2025-11-07T05:03:29.249Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-26662\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-07T05:03:29.249Z\", \"dateReserved\": \"2025-02-12T21:05:31.736Z\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"datePublished\": \"2025-05-13T00:09:05.682Z\", \"assignerShortName\": \"sap\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-XH3W-9CJP-3CF8

Vulnerability from github – Published: 2025-05-13 03:31 – Updated: 2025-05-13 03:31

Details

Severity ?

4.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-26662"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T01:15:47Z",
    "severity": "MODERATE"
  },
  "details": "The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.",
  "id": "GHSA-xh3w-9cjp-3cf8",
  "modified": "2025-05-13T03:31:13Z",
  "published": "2025-05-13T03:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26662"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3558755"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2025-12685

Vulnerability from cnvd - Published: 2025-06-16

Title

SAP Data Services Management Console跨站脚本漏洞

Description

SAP Data Services Management Console是一款用于管理和监控数据服务的控制台。 SAP Data Services Management Console存在跨站脚本漏洞，该漏洞源于系统未能充分编码用户控制的输入。攻击者可以利用该漏洞注入恶意脚本。

Severity

低

Patch Name

SAP Data Services Management Console跨站脚本漏洞的补丁

Patch Description

SAP Data Services Management Console是一款用于管理和监控数据服务的控制台。 SAP Data Services Management Console存在跨站脚本漏洞，该漏洞源于系统未能充分编码用户控制的输入。攻击者可以利用该漏洞注入恶意脚本。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载: https://me.sap.com/notes/3558755

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-26662

Impacted products

Name
SAP Data Services Management Console

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-26662",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-26662"
    }
  },
  "description": "SAP Data Services Management Console\u662f\u4e00\u6b3e\u7528\u4e8e\u7ba1\u7406\u548c\u76d1\u63a7\u6570\u636e\u670d\u52a1\u7684\u63a7\u5236\u53f0\u3002\n\nSAP Data Services Management Console\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u672a\u80fd\u5145\u5206\u7f16\u7801\u7528\u6237\u63a7\u5236\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u6076\u610f\u811a\u672c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d:\r\nhttps://me.sap.com/notes/3558755",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-12685",
  "openTime": "2025-06-16",
  "patchDescription": "SAP Data Services Management Console\u662f\u4e00\u6b3e\u7528\u4e8e\u7ba1\u7406\u548c\u76d1\u63a7\u6570\u636e\u670d\u52a1\u7684\u63a7\u5236\u53f0\u3002\r\n\r\nSAP Data Services Management Console\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u672a\u80fd\u5145\u5206\u7f16\u7801\u7528\u6237\u63a7\u5236\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u6076\u610f\u811a\u672c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SAP Data Services Management Console\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "SAP Data Services Management Console"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-26662",
  "serverity": "\u4f4e",
  "submitTime": "2025-05-19",
  "title": "SAP Data Services Management Console\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

FKIE_CVE-2025-26662

Vulnerability from fkie_nvd - Published: 2025-05-13 01:15 - Updated: 2025-05-13 19:35

Severity ?

4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	cna@sap.com	https://me.sap.com/notes/3558755
	cna@sap.com	https://url.sap/sapsecuritypatchday

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim\ufffds browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted."
    },
    {
      "lang": "es",
      "value": "Data Services Management Console no codifica adecuadamente las entradas controladas por el usuario, lo que permite a un atacante inyectar un script malicioso. Cuando una v\u00edctima, que ya ha iniciado sesi\u00f3n, hace clic en el enlace comprometido, el script inyectado se ejecuta en el navegador de la v\u00edctima. Esto podr\u00eda afectar la confidencialidad y la integridad. La disponibilidad no se ve afectada."
    }
  ],
  "id": "CVE-2025-26662",
  "lastModified": "2025-05-13T19:35:25.503",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 2.7,
        "source": "cna@sap.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-13T01:15:47.243",
  "references": [
    {
      "source": "cna@sap.com",
      "url": "https://me.sap.com/notes/3558755"
    },
    {
      "source": "cna@sap.com",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "sourceIdentifier": "cna@sap.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "cna@sap.com",
      "type": "Secondary"
    }
  ]
}

CERTFR-2025-AVI-0396

Vulnerability from certfr_avis - Published: 2025-05-13 - Updated: 2025-06-12

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SAP	S/4HANA	S/4HANA HCM Portugal and SAP ERP HCM Portugal versions S4HCMCPT 100, 101, SAP_HRCPT 600, 604 et 608
SAP	N/A	Service Parts Management (SPM) versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, 617, 618, SAPSCORE 111, S4CORE 100, 101 et 102
SAP	NetWeaver	NetWeaver (Visual Composer development server) version VCFRAMEWORK 7.50
SAP	N/A	Supplier Relationship Management (Master Data Management Catalog) version SRM_MDM_CAT 7.52
SAP	Business Objects Business Intelligence Platform	BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 2025
SAP	N/A	Business Objects Business Intelligence Platform (PMW) versions ENTERPRISE 430, 2025 et 2027
SAP	NetWeaver Application Server ABAP et ABAP Platform	NetWeaver Application Server ABAP et ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758
SAP	N/A	Data Services Management Console version SBOP DS JOB SERVER 4.3
SAP	N/A	Digital Manufacturing (Production Operator Dashboard) version CTNR-DME-PODFOUNDATION-MS 1.0
SAP	N/A	Fiori for SAP ERP versions SAP_GWFND 740, 750, 751, 752, 753, 754, 755, 756, 757 et 758
SAP	S/4HANA	S4/HANA (OData meta-data property) versions S4CORE 102, 103, 104, 105 et 106
SAP	S/4HANA	S/4HANA (Private Cloud & On-Premise) versions S4CRM 204, 205, 206, S4CEXT 107, 108, BBPCRM 702, 712, 713, 714
SAP	S/4HANA	S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) versions S4CORE 102, 103, 104, 105, 106, 107, 108, SCM_BASIS 700, 701, 702, 712, 713 et 714
SAP	N/A	Gateway Client versions SAP_GWFND 752, 753, 754, 755, 756, 757 et 758
SAP	N/A	Supplier Relationship Management (Live Auction Cockpit) version SRM_SERVER 7.14
SAP	N/A	Service Parts Management (SPM) versions SAP_APPL 617, 618, SAPSCORE 116, S4CORE 100, 101, 102 et 103
SAP	N/A	PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108
SAP	N/A	Landscape Transformation (PCL Basis) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107 et 108
SAP	N/A	GUI for Windows version BC-FES-GUI 8.00

References

Title

Publication Time

Tags

Bulletin de sécurité SAP may-2025

2025-05-13

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "S/4HANA HCM Portugal and SAP ERP HCM Portugal versions S4HCMCPT 100, 101, SAP_HRCPT 600, 604 et 608",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Service Parts Management (SPM) versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, 617, 618, SAPSCORE 111, S4CORE 100, 101 et 102",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver (Visual Composer development server) version VCFRAMEWORK 7.50",
      "product": {
        "name": "NetWeaver",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Supplier Relationship Management (Master Data Management Catalog) version SRM_MDM_CAT 7.52",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 2025",
      "product": {
        "name": "Business Objects Business Intelligence Platform",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Business Objects Business Intelligence Platform (PMW) versions ENTERPRISE 430, 2025 et 2027",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP et ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758",
      "product": {
        "name": "NetWeaver Application Server ABAP et ABAP Platform",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Data Services Management Console version SBOP DS JOB SERVER 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Digital Manufacturing (Production Operator Dashboard) version CTNR-DME-PODFOUNDATION-MS 1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Fiori for SAP ERP versions SAP_GWFND 740, 750, 751, 752, 753, 754, 755, 756, 757 et 758",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S4/HANA (OData meta-data property) versions S4CORE 102, 103, 104, 105 et 106",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA (Private Cloud \u0026 On-Premise) versions S4CRM 204, 205, 206, S4CEXT 107, 108, BBPCRM 702, 712, 713, 714",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) versions S4CORE 102, 103, 104, 105, 106, 107, 108, SCM_BASIS 700, 701, 702, 712, 713 et 714",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Gateway Client versions SAP_GWFND 752, 753, 754, 755, 756, 757 et 758",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Supplier Relationship Management (Live Auction Cockpit) version SRM_SERVER 7.14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Service Parts Management (SPM) versions SAP_APPL 617, 618, SAPSCORE 116, S4CORE 100, 101, 102 et 103",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Landscape Transformation (PCL Basis) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107 et 108",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "GUI for Windows version BC-FES-GUI 8.00",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43003"
    },
    {
      "name": "CVE-2025-43007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43007"
    },
    {
      "name": "CVE-2025-23191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23191"
    },
    {
      "name": "CVE-2025-42999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42999"
    },
    {
      "name": "CVE-2025-43009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43009"
    },
    {
      "name": "CVE-2025-43011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43011"
    },
    {
      "name": "CVE-2025-43006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43006"
    },
    {
      "name": "CVE-2025-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0060"
    },
    {
      "name": "CVE-2025-30012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30012"
    },
    {
      "name": "CVE-2025-43000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43000"
    },
    {
      "name": "CVE-2025-43004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43004"
    },
    {
      "name": "CVE-2025-31324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31324"
    },
    {
      "name": "CVE-2025-43005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43005"
    },
    {
      "name": "CVE-2025-43008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43008"
    },
    {
      "name": "CVE-2025-31329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31329"
    },
    {
      "name": "CVE-2025-30009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30009"
    },
    {
      "name": "CVE-2025-30011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30011"
    },
    {
      "name": "CVE-2025-43002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43002"
    },
    {
      "name": "CVE-2025-26662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26662"
    },
    {
      "name": "CVE-2025-30010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30010"
    },
    {
      "name": "CVE-2025-42997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42997"
    },
    {
      "name": "CVE-2025-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0061"
    },
    {
      "name": "CVE-2025-43010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43010"
    },
    {
      "name": "CVE-2024-39592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39592"
    },
    {
      "name": "CVE-2025-30018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30018"
    }
  ],
  "initial_release_date": "2025-05-13T00:00:00",
  "last_revision_date": "2025-06-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0396",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-13T00:00:00.000000"
    },
    {
      "description": "Ajout des identifiants CVE CVE-2025-0060, CVE-2025-0061 et CVE-2025-23191",
      "revision_date": "2025-06-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 SAP may-2025",
      "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-26662 (GCVE-0-2025-26662)

GHSA-XH3W-9CJP-3CF8

CNVD-2025-12685

FKIE_CVE-2025-26662

CERTFR-2025-AVI-0396

Solutions

Tags

Sightings

Nomenclature