PT-2026-2344 · Sap · Sap Supplier Relationship Management+1
Published
2026-01-12
·
Updated
2026-01-13
·
CVE-2026-0513
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
SAP Supplier Relationship Management (affected versions not specified)
Description
An unauthenticated attacker could exploit an Open Redirect in the SICF Handler within the SRM Catalog component of SAP Supplier Relationship Management. This allows the attacker to create a malicious URL that redirects a victim to a site controlled by the attacker. The issue results in a low impact on application integrity, with no impact to confidentiality or availability.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Supplier Relationship Management
Srm Catalog