Vulnerabilities > CVE-2025-30014

CVSS 7.7 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

CWE-35

NVD

Published: 2025-04-08

Updated: 2025-04-08

Summary

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don?t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

Common Weakness Enumeration (CWE)

CWE-35 - Path Traversal: '.../...//'

References

https://me.sap.com/notes/2927164
https://url.sap/sapsecuritypatchday

Vulnerabilities > CVE-2025-30014 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-30014"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-30014