CVE-2025-42965

SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitati...

CVE-2025-42965

SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitati...

CVE-2025-42965

CVE-2025-42965 affects SAP CMC Promotion Management and is an SSRF issue where an authenticated attacker can enumerate internal network endpoints by sending crafted requests during job source configuration and analyzing response times. This can lead to information disclosure (confidentiality impa...

SAP CMC Promotion Management 代码问题漏洞

SAP CMC Promotion Management is a software for managing and migrating content from SAP, Germany. A code issue vulnerability exists in SAP CMC Promotion Management that originates from a verified attacker who can enumerate internal network systems, potentially leading to information disclosure...

PT-2025-28284 · Sap · Sap Cmc Promotion Management

Name of the Vulnerable Software and Affected Versions: SAP CMC Promotion Management affected versions not specified Description: The issue allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analyzing response...