4.7
CVE-2026-0513
- EPSS 0.14%
- Veröffentlicht 13.01.2026 01:15:57
- Zuletzt bearbeitet 22.01.2026 18:48:53
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site.This causes low impact on integrity of the application. Confidentiality and availability are not impacted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Supplier Relationship Management Version700
SAP ≫ Supplier Relationship Management Version701
SAP ≫ Supplier Relationship Management Version702
SAP ≫ Supplier Relationship Management Version713
SAP ≫ Supplier Relationship Management Version714
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.335 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
|
| cna@sap.com | 4.7 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.