Sap Supplier_relationship_management

11 CVEs affecting Sap Supplier_relationship_management. Latest disclosed: 2026-01-13. Critical: 1, High: 1.

Top CVEs affecting Sap Supplier_relationship_management
CVESeverityScorePublishedSummary
CVE-2025-30012Critical10.02025-05-13The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an unauthenticated attacker to sen…
CVE-2025-30018High8.62025-05-13The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) allows an unauthenticated attacker to submit an application servlet request with a craft…
CVE-2025-42920Medium6.12025-09-09Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and…
CVE-2025-30010Medium6.12025-05-13The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an…
CVE-2025-30009Medium6.12025-05-13he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an…
CVE-2019-0361Medium6.12019-09-10SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently encode user-control…
CVE-2023-39436Medium5.82023-08-08SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM…
CVE-2025-30011Medium5.32025-05-13The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an…
CVE-2026-0513Medium4.72026-01-13Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a maliciou…
CVE-2014-41612014-06-13Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web scri…
CVE-2014-41592014-06-13Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web s…