3 matches found
CVE-2025-25243
SAP Supplier Relationship Management Master Data Management Catalog allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or...
CVE-2025-25243 Path traversal vulnerability in SAP Supplier Relationship Management (Master Data Management Catalog)
SAP Supplier Relationship Management Master Data Management Catalog allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or...
CVE-2025-25243
The CVE-2025-25243 vulnerability affects SAP Supplier Relationship Management (Master Data Management Catalog). An unauthenticated attacker can use a publicly available servlet to download arbitrary files over the network, exposing sensitive information. Impact is limited to confidentiality (high...