Data Tampering Vulnerability in SAP Field Logistics Manage Logistics Application
CVE-2025-31327

4.3MEDIUM

Key Information:

Vendor: SAP
Status: SAP Field Logistics
Vendor: CVE Published:; 22 April 2025

What is CVE-2025-31327?

A vulnerability exists in the OData metadata property of the SAP Field Logistics Manage Logistics application, allowing an attacker to externally modify certain fields. This could lead to data integrity issues within the application. While the confidentiality and availability of the application remain unaffected, this potential for data tampering requires prompt attention to secure the integrity of stored information.

Affected Version(s)

SAP Field Logistics S4CORE 107

SAP Field Logistics 108

References

https://me.sap.com/notes/3359825

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2025
Vulnerability Reserved
Mar 27, 2025