CVE-2025-27430

LOW Year: 2025
CVSS v3 Score
3.5
Low
Weakness Type
CWE-918
View all →

Vulnerability Description

Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. This flaw enables the attacker to send requests to internal network resources, thereby compromising the application's confidentiality. There is no impact on integrity or availability

Related Vulnerabilities

CVE-2024-26476

LOW
CVSS:3.5(Low)

An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.

CWE-9182024

CVE-2024-31991

LOW
CVSS:3.5(Low)

Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-controlled URL to issue a request to a remote server. Based on the content of the...

CWE-9182024

CVE-2020-14328

LOW
CVSS:3.3(Low)

A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal serv...

CWE-9182020

CVE-2022-0085

LOW
CVSS:3.7(Low)

Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0.

CWE-9182022

CVE-2023-48711

LOW
CVSS:3.7(Low)

google-translate-api-browser is an npm package which interfaces with the google translate web api. A Server-Side Request Forgery (SSRF) Vulnerability is present in applications utilizing the `google-t...

CWE-9182023

CVE-2024-0243

LOW
CVSS:3.7(Low)

With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "ht...

CWE-9182024