PT-2025-20806 · Sap · Sap Srm

Published: 2025-05-13 · Updated: 2025-10-23 · CVE-2025-30010

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management (SRM) (affected versions not specified)

Description: The issue concerns the use of a deprecated Java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to craft a malicious link. When a victim clicks the link, the browser is redirected to a malicious site, potentially causing low impact on confidentiality and integrity, with no impact on the application's availability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Open Redirect

Weakness Enumeration

Related Identifiers

BDU:2025-16186
CVE-2025-30010

Affected Products

Sap Srm