CVE-2025-30014

High

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker…

sap·CWE-35·Published 2025-04-08

CVSS

7.7

EPSS

0.01

KEV

Exploits

cve.orgen

311 chars

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected.

NVDen

311 chars

NVDes

343 chars

SAP Capital Yield Tax Management presenta una vulnerabilidad de directory traversal debido a una validación de ruta insuficiente. Esto podría permitir que un atacante con pocos privilegios lea archivos de un directorio al que no tiene acceso, lo que afecta gravemente la confidencialidad. La integridad y la disponibilidad no se ven afectadas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.7	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
3.1	Secondary	NVD	7.7	3.1	4.0	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N