Sap Supplier Relationship Management — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Supplier Relationship Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2025-30012 — CVSS 10.0 (critical): The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an…
CVE-2025-30018 — CVSS 8.6 (high): The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) allows an unauthenticated attacker to submit an application servlet…
CVE-2019-0361 — CVSS 6.1 (medium): SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently…
CVE-2025-42920 — CVSS 6.1 (medium): Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a…
CVE-2025-30009 — CVSS 6.1 (medium): he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM…
CVE-2025-30010 — CVSS 6.1 (medium): The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM…
CVE-2014-4159 — CVSS 5.8 (medium): Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users…
CVE-2023-39436 — CVSS 5.8 (medium): SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover…
CVE-2025-30011 — CVSS 5.3 (medium): The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM…
CVE-2026-0513 — CVSS 4.7 (medium): Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker…
CVE-2014-4161 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to…