Host Header Manipulation Vulnerability in SAP Fiori for SAP ERP
CVE-2025-23191

3.1LOW

Key Information:

Vendor: SAP
Status: SAP Fiori For SAP Erp
Vendor: CVE Published:; 11 February 2025

Summary

A vulnerability exists within the SAP OData endpoint in SAP Fiori for SAP ERP where cached values can be compromised through Host header modification in HTTP GET requests. This manipulation allows attackers to redirect atom:link values in the metadata, potentially leading to redirects to malicious URLs. If exploited, this could impact the integrity of the application by misleading users and misdirecting data flows.

Affected Version(s)

SAP Fiori for SAP ERP SAP_GWFND 740

SAP Fiori for SAP ERP 750

SAP Fiori for SAP ERP 751

References

https://me.sap.com/notes/3426825

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Jan 13, 2025