CVE-2025-30014
7.7
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP_SE | SAP Capital Yield Tax Management | CYTERP 420_700 | affected |
| SAP_SE | SAP Capital Yield Tax Management | CYT 800 | affected |
| SAP_SE | SAP Capital Yield Tax Management | IBS 7.0 | affected |
| SAP_SE | SAP Capital Yield Tax Management | CYT4HANA 100 | affected |
Weaknesses
- CWE-35: CWE-35: Path Traversal
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.