4 matches found
CVE-2025-30012
creationtimestamp| type| source ---|---|--- 2025-05-13 03:12:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lozjaam66w2l 2025-05-13 05:30:33+00:00| seen| https://t.me/cvedetector/25158 2025-05-13 14:30:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16125 2025-07-08...
CVE-2025-30012
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30012
CVE-2025-30012 affects the SAP SRM Live Auction Cockpit component, where a deprecated Java applet enables an unauthenticated attacker to trigger deserialization of a crafted payload, leading to execution of arbitrary OS commands with SAP Administrator privileges. The cited impact is high on confi...
CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...