PT-2025-20807 · Sap · Sap Srm

Published 2025-05-13 · Updated 2025-10-23 · CVE-2025-30011

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

SAP Supplier Relationship Management (SRM) (affected versions not specified)

Description

The issue concerns the use of a deprecated Java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to send a malicious request, potentially disclosing internal version details of the affected system. The impact on confidentiality is low, with no effect on the integrity and availability of the application.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2025-30011

Affected Products

Sap Srm