CVE-2025-30014 Information

Description

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don?t have access to hence causing a high impact on confidentiality. Integrity and Availability are not affected.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Reference

https://me.sap.com/notes/2927164 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.7