What is the severity of CVE-2025-27430?

CVE-2025-27430 is classified as a high severity vulnerability due to its potential to allow unauthorized access to restricted information.

How do I fix CVE-2025-27430?

To fix CVE-2025-27430, apply the latest security patches provided by SAP for the affected versions of SAP CRM and SAP S/4HANA.

What systems are affected by CVE-2025-27430?

CVE-2025-27430 affects SAP CRM and SAP S/4HANA (Interaction Center) under certain conditions.

What are the risks associated with CVE-2025-27430?

The risks associated with CVE-2025-27430 include potential data theft and unauthorized access to internal systems by low-privilege attackers.

Can CVE-2025-27430 be exploited remotely?

Yes, CVE-2025-27430 can be exploited remotely by leveraging the SSRF vulnerability to access internal network resources.

Vulnerability/
CVE-2025-27430

low

3.5

CWE

918

EPSS

0.045%

11/3/2025

CVE-2025-27430: Server Side Request Forgery (SSRF) in SAP CRM and SAP S/4 HANA (Interaction Center)

First published: Tue Mar 11 2025(Updated: )

Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. This flaw enables the attacker to send requests to internal network resources, thereby compromising the application's confidentiality. There is no impact on integrity or availability

Credit: cna@sap.com

Affected Software	Affected Version	How to fix
SAP Customer Relationship Management
SAP S/4HANA Sales

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-27430?
CVE-2025-27430 is classified as a high severity vulnerability due to its potential to allow unauthorized access to restricted information.
How do I fix CVE-2025-27430?
To fix CVE-2025-27430, apply the latest security patches provided by SAP for the affected versions of SAP CRM and SAP S/4HANA.
What systems are affected by CVE-2025-27430?
CVE-2025-27430 affects SAP CRM and SAP S/4HANA (Interaction Center) under certain conditions.
What are the risks associated with CVE-2025-27430?
The risks associated with CVE-2025-27430 include potential data theft and unauthorized access to internal systems by low-privilege attackers.
Can CVE-2025-27430 be exploited remotely?
Yes, CVE-2025-27430 can be exploited remotely by leveraging the SSRF vulnerability to access internal network resources.

collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/title
agent/first-publish-date
agent/type
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/nvd-api
source/NVD
agent/author
agent/last-modified-date
agent/severity
agent/event
collector/epss-latest
source/FIRST
agent/source
agent/epss
agent/tags
vendor/sap
canonical/sap customer relationship management
canonical/sap s/4hana sales

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.