We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-30014

Directory Traversal vulnerability in SAP Capital Yield Tax Management



Description

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

Reserved 2025-03-13 | Published 2025-04-08 | Updated 2025-04-08 | Assigner sap


HIGH: 7.7CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Problem types

CWE-35: Path Traversal

Product status

Default status
unaffected

CYTERP 420_700
affected

CYT 800
affected

IBS 7.0
affected

CYT4HANA 100
affected

References

me.sap.com/notes/2927164

url.sap/sapsecuritypatchday

cve.org (CVE-2025-30014)

nvd.nist.gov (CVE-2025-30014)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-30014

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.