CVE-2025-30009

Name of the Vulnerable Software and Affected Versions SAP Supplier Relationship Management (SRM) (affected versions not specified)

Description The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated Java applet component, allowing an unauthenticated attacker to execute malicious script in the victim's browser. This issue has low impact on confidentiality and integrity within the scope of the victim's browser, with no effect on the availability of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.