CVE-2025-43010 Code injection vulnerability in SAP S/4HANA Cloud Private Edition or On Premise(SCM Master Data Layer (MDL))

🗓️ 13 May 2025 00:19:51Reported by sapType

Code injection vulnerability in SAP S/4HANA Cloud allows remote execution, impacting integrity and availability.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-43010	13 May 202501:32	–	circl
CNNVD	SAP S/4HANA Cloud Private 代码注入漏洞	13 May 202500:00	–	cnnvd
CVE	CVE-2025-43010	13 May 202500:19	–	cve
EUVD	EUVD-2025-14339	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	13 May 202509:05	–	ncsc
NVD	CVE-2025-43010	13 May 202501:15	–	nvd
Positive Technologies	PT-2025-20822 · Sap · Sap S/4Hana Cloud Private Edition +1	13 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-43010	15 May 202501:11	–	redhatcve
Tenable Nessus	SAP Netweaver Visual Composer Multiple Vulnerabilities (May 2025)	16 May 202500:00	–	nessus
Vulnrichment	CVE-2025-43010 Code injection vulnerability in SAP S/4HANA Cloud Private Edition or On Premise(SCM Master Data Layer (MDL))	13 May 202500:19	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL))",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      },
      {
        "status": "affected",
        "version": "SCM_BASIS 700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "712"
      },
      {
        "status": "affected",
        "version": "713"
      },
      {
        "status": "affected",
        "version": "714"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3600859

13 May 2025 00:19Current

CVSS 3.18.3

EPSS0.00234

CWE-94