Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/01/09 10:58 a.m.6 views

CVE-2025-23191

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...

3.1CVSS6.7AI score0.00239EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/11 12:35 a.m.7 views

CVE-2025-23191 Cache Poisoning through header manipulation vulnerability in SAP Fiori for SAP ERP

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...

3.1CVSS4.2AI score0.00239EPSS
Exploits0References2
cvelist
cvelist
added 2025/02/11 12:35 a.m.16 views

CVE-2025-23191 Cache Poisoning through header manipulation vulnerability in SAP Fiori for SAP ERP

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...

3.1CVSS0.00239EPSS
Exploits0References2
cve
cve
added 2025/02/11 12:35 a.m.66 views

CVE-2025-23191

CVE-2025-23191 describes a cache-poisoning vulnerability in the SAP OData endpoint of SAP Fiori for SAP ERP . By modifying the HTTP GET Host header, an attacker can corrupt cached values and alter the atom:link metadata, redirecting clients to attacker-controlled links. The documented impact is d...

3.1CVSS3.8AI score0.00239EPSS
Exploits0References2
Rows per page
Query Builder