VYPR
Unrated severityNVD Advisory· Published May 13, 2025· Updated May 13, 2025

Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

CVE-2025-30009

Description

he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and integrity within the scope of that victim�s browser, with no effect on availability of the application

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.