cvelistv5 - cve-2025-43007

CVE-2025-43007 (GCVE-0-2025-43007)

Vulnerability from cvelistv5

Published

2025-05-13 00:19

Modified

2025-05-13 13:58

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-862 - Missing Authorization

Summary

SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.

References

URL

Tags

	https://me.sap.com/notes/2719724
	https://url.sap/sapsecuritypatchday

Impacted products

	Vendor	Product	Version
	SAP_SE	SAP Service Parts Management (SPM)	Version: SAP_APPL 617 Version: 618 Version: S4CORE 100 Version: 101 Version: 102 Version: 103

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43007",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-13T13:58:07.991282Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-13T13:58:16.900Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP Service Parts Management (SPM)",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "SAP_APPL 617"
            },
            {
              "status": "affected",
              "version": "618"
            },
            {
              "status": "affected",
              "version": "S4CORE 100"
            },
            {
              "status": "affected",
              "version": "101"
            },
            {
              "status": "affected",
              "version": "102"
            },
            {
              "status": "affected",
              "version": "103"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.\u003c/p\u003e"
            }
          ],
          "value": "SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862: Missing Authorization",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-13T00:19:18.709Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/2719724"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing Authorization check in SAP Service Parts Management (SPM)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2025-43007",
    "datePublished": "2025-05-13T00:19:18.709Z",
    "dateReserved": "2025-04-16T13:25:53.589Z",
    "dateUpdated": "2025-05-13T13:58:16.900Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-43007\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-13T13:58:07.991282Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-13T13:58:11.841Z\"}}], \"cna\": {\"title\": \"Missing Authorization check in SAP Service Parts Management (SPM)\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SAP_SE\", \"product\": \"SAP Service Parts Management (SPM)\", \"versions\": [{\"status\": \"affected\", \"version\": \"SAP_APPL 617\"}, {\"status\": \"affected\", \"version\": \"618\"}, {\"status\": \"affected\", \"version\": \"S4CORE 100\"}, {\"status\": \"affected\", \"version\": \"101\"}, {\"status\": \"affected\", \"version\": \"102\"}, {\"status\": \"affected\", \"version\": \"103\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://me.sap.com/notes/2719724\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862: Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2025-05-13T00:19:18.709Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-43007\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-13T13:58:16.900Z\", \"dateReserved\": \"2025-04-16T13:25:53.589Z\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"datePublished\": \"2025-05-13T00:19:18.709Z\", \"assignerShortName\": \"sap\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2025-AVI-0396

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SAP	S/4HANA	S/4HANA HCM Portugal and SAP ERP HCM Portugal versions S4HCMCPT 100, 101, SAP_HRCPT 600, 604 et 608
SAP	N/A	Service Parts Management (SPM) versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, 617, 618, SAPSCORE 111, S4CORE 100, 101 et 102
SAP	NetWeaver	NetWeaver (Visual Composer development server) version VCFRAMEWORK 7.50
SAP	N/A	Supplier Relationship Management (Master Data Management Catalog) version SRM_MDM_CAT 7.52
SAP	Business Objects Business Intelligence Platform	BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 2025
SAP	N/A	Business Objects Business Intelligence Platform (PMW) versions ENTERPRISE 430, 2025 et 2027
SAP	NetWeaver Application Server ABAP et ABAP Platform	NetWeaver Application Server ABAP et ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758
SAP	N/A	Data Services Management Console version SBOP DS JOB SERVER 4.3
SAP	N/A	Digital Manufacturing (Production Operator Dashboard) version CTNR-DME-PODFOUNDATION-MS 1.0
SAP	N/A	Fiori for SAP ERP versions SAP_GWFND 740, 750, 751, 752, 753, 754, 755, 756, 757 et 758
SAP	S/4HANA	S4/HANA (OData meta-data property) versions S4CORE 102, 103, 104, 105 et 106
SAP	S/4HANA	S/4HANA (Private Cloud & On-Premise) versions S4CRM 204, 205, 206, S4CEXT 107, 108, BBPCRM 702, 712, 713, 714
SAP	S/4HANA	S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) versions S4CORE 102, 103, 104, 105, 106, 107, 108, SCM_BASIS 700, 701, 702, 712, 713 et 714
SAP	N/A	Gateway Client versions SAP_GWFND 752, 753, 754, 755, 756, 757 et 758
SAP	N/A	Supplier Relationship Management (Live Auction Cockpit) version SRM_SERVER 7.14
SAP	N/A	Service Parts Management (SPM) versions SAP_APPL 617, 618, SAPSCORE 116, S4CORE 100, 101, 102 et 103
SAP	N/A	PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108
SAP	N/A	Landscape Transformation (PCL Basis) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107 et 108
SAP	N/A	GUI for Windows version BC-FES-GUI 8.00

References

Title

Publication Time

Tags

Bulletin de sécurité SAP may-2025

2025-05-13

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "S/4HANA HCM Portugal and SAP ERP HCM Portugal versions S4HCMCPT 100, 101, SAP_HRCPT 600, 604 et 608",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Service Parts Management (SPM) versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, 617, 618, SAPSCORE 111, S4CORE 100, 101 et 102",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver (Visual Composer development server) version VCFRAMEWORK 7.50",
      "product": {
        "name": "NetWeaver",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Supplier Relationship Management (Master Data Management Catalog) version SRM_MDM_CAT 7.52",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BusinessObjects Business Intelligence Platform versions ENTERPRISE 420, 430 et 2025",
      "product": {
        "name": "Business Objects Business Intelligence Platform",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Business Objects Business Intelligence Platform (PMW) versions ENTERPRISE 430, 2025 et 2027",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP et ABAP Platform versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758",
      "product": {
        "name": "NetWeaver Application Server ABAP et ABAP Platform",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Data Services Management Console version SBOP DS JOB SERVER 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Digital Manufacturing (Production Operator Dashboard) version CTNR-DME-PODFOUNDATION-MS 1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Fiori for SAP ERP versions SAP_GWFND 740, 750, 751, 752, 753, 754, 755, 756, 757 et 758",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S4/HANA (OData meta-data property) versions S4CORE 102, 103, 104, 105 et 106",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA (Private Cloud \u0026 On-Premise) versions S4CRM 204, 205, 206, S4CEXT 107, 108, BBPCRM 702, 712, 713, 714",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) versions S4CORE 102, 103, 104, 105, 106, 107, 108, SCM_BASIS 700, 701, 702, 712, 713 et 714",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Gateway Client versions SAP_GWFND 752, 753, 754, 755, 756, 757 et 758",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Supplier Relationship Management (Live Auction Cockpit) version SRM_SERVER 7.14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Service Parts Management (SPM) versions SAP_APPL 617, 618, SAPSCORE 116, S4CORE 100, 101, 102 et 103",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "PDCE versions S4CORE 102, 103, S4COREOP 104, 105, 106, 107 et 108",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Landscape Transformation (PCL Basis) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2018_1_752, 2020, S4CORE 102, 103, 104, 105, 106, 107 et 108",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "GUI for Windows version BC-FES-GUI 8.00",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43003"
    },
    {
      "name": "CVE-2025-43007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43007"
    },
    {
      "name": "CVE-2025-23191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23191"
    },
    {
      "name": "CVE-2025-42999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42999"
    },
    {
      "name": "CVE-2025-43009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43009"
    },
    {
      "name": "CVE-2025-43011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43011"
    },
    {
      "name": "CVE-2025-43006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43006"
    },
    {
      "name": "CVE-2025-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0060"
    },
    {
      "name": "CVE-2025-30012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30012"
    },
    {
      "name": "CVE-2025-43000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43000"
    },
    {
      "name": "CVE-2025-43004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43004"
    },
    {
      "name": "CVE-2025-31324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31324"
    },
    {
      "name": "CVE-2025-43005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43005"
    },
    {
      "name": "CVE-2025-43008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43008"
    },
    {
      "name": "CVE-2025-31329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31329"
    },
    {
      "name": "CVE-2025-30009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30009"
    },
    {
      "name": "CVE-2025-30011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30011"
    },
    {
      "name": "CVE-2025-43002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43002"
    },
    {
      "name": "CVE-2025-26662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26662"
    },
    {
      "name": "CVE-2025-30010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30010"
    },
    {
      "name": "CVE-2025-42997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42997"
    },
    {
      "name": "CVE-2025-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0061"
    },
    {
      "name": "CVE-2025-43010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43010"
    },
    {
      "name": "CVE-2024-39592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39592"
    },
    {
      "name": "CVE-2025-30018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30018"
    }
  ],
  "initial_release_date": "2025-05-13T00:00:00",
  "last_revision_date": "2025-06-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0396",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-13T00:00:00.000000"
    },
    {
      "description": "Ajout des identifiants CVE CVE-2025-0060, CVE-2025-0061 et CVE-2025-23191",
      "revision_date": "2025-06-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 SAP may-2025",
      "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-43007 (GCVE-0-2025-43007)

Vulnerability from cvelistv5

CERTFR-2025-AVI-0396

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature