CVE-2025-42923
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP_SE | SAP Fiori App (F4044 Manage Work Center Groups) | UIS4HOP1 600 | affected |
| SAP_SE | SAP Fiori App (F4044 Manage Work Center Groups) | 700 | affected |
| SAP_SE | SAP Fiori App (F4044 Manage Work Center Groups) | 800 | affected |
| SAP_SE | SAP Fiori App (F4044 Manage Work Center Groups) | 900 | affected |
Weaknesses
- CWE-352: CWE-352: Cross-Site Request Forgery (CSRF)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.