CVE-2025-30014

Summary

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Capital Yield Tax ManagementCYTERP 420_700affected
SAP_SESAP Capital Yield Tax ManagementCYT 800affected
SAP_SESAP Capital Yield Tax ManagementIBS 7.0affected
SAP_SESAP Capital Yield Tax ManagementCYT4HANA 100affected

Weaknesses

  • CWE-35: CWE-35: Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References