cnvd - cnvd-2025-07505

cnvd-2025-07505

Vulnerability from cnvd

Title: SAP Commerce Cloud信息泄露漏洞（CNVD-2025-07505）

Description:

SAP Commerce Cloud是德国思爱普（SAP）公司的一套基于云的电子商务平台。该产支持销售管理、营销管理、订单管理和运营管理等。

SAP Commerce Cloud存在信息泄露漏洞，攻击者可利用该漏洞提交特殊的请求，获取敏感信息。

Severity: 中

Patch Name: SAP Commerce Cloud信息泄露漏洞（CNVD-2025-07505）的补丁

Patch Description:

SAP Commerce Cloud是德国思爱普（SAP）公司的一套基于云的电子商务平台。该产支持销售管理、营销管理、订单管理和运营管理等。

SAP Commerce Cloud存在信息泄露漏洞，攻击者可利用该漏洞提交特殊的请求，获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级程序修复该安全问题，详情见厂商官网: https://me.sap.com/notes/3543274

Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-26654

Impacted products

Name
SAP Commerce Cloud

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-26654",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-26654"
    }
  },
  "description": "SAP Commerce Cloud\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u4e91\u7684\u7535\u5b50\u5546\u52a1\u5e73\u53f0\u3002\u8be5\u4ea7\u652f\u6301\u9500\u552e\u7ba1\u7406\u3001\u8425\u9500\u7ba1\u7406\u3001\u8ba2\u5355\u7ba1\u7406\u548c\u8fd0\u8425\u7ba1\u7406\u7b49\u3002\n\nSAP Commerce Cloud\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51:\r\nhttps://me.sap.com/notes/3543274",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-07505",
  "openTime": "2025-04-15",
  "patchDescription": "SAP Commerce Cloud\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u4e91\u7684\u7535\u5b50\u5546\u52a1\u5e73\u53f0\u3002\u8be5\u4ea7\u652f\u6301\u9500\u552e\u7ba1\u7406\u3001\u8425\u9500\u7ba1\u7406\u3001\u8ba2\u5355\u7ba1\u7406\u548c\u8fd0\u8425\u7ba1\u7406\u7b49\u3002\r\n\r\nSAP Commerce Cloud\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SAP Commerce Cloud\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-07505\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "SAP Commerce Cloud"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-26654",
  "serverity": "\u4e2d",
  "submitTime": "2025-04-14",
  "title": "SAP Commerce Cloud\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-07505\uff09"
}

CVE-2025-26654 (GCVE-0-2025-26654)

Vulnerability from cvelistv5

Published

2025-04-08 07:13

Modified

2025-04-09 04:00

Severity ?

6.8 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-319 - Cleartext Transmission of Sensitive Information

Summary

SAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely, but instead allows a redirect from port 80 to 443 (HTTPS). As a result, Commerce normally communicates securely over HTTPS. However, the confidentiality and integrity of data sent on the first request before the redirect may be impacted if the client is configured to use HTTP and sends confidential data on the first request before the redirect.

References

▼	URL	Tags
	https://me.sap.com/notes/3543274
	https://url.sap/sapsecuritypatchday

Impacted products

	Vendor	Product	Version
	SAP_SE	SAP Commerce Cloud (Public Cloud)	Version: COM_CLOUD 2211

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26654",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-09T04:00:45.108Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP Commerce Cloud (Public Cloud)",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "COM_CLOUD 2211"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely, but instead allows a redirect from port 80 to 443 (HTTPS). As a result, Commerce normally communicates securely over HTTPS. However, the confidentiality and integrity of data sent on the first request before the redirect may be impacted if the client is configured to use HTTP and sends confidential data on the first request before the redirect.\u003c/p\u003e"
            }
          ],
          "value": "SAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely, but instead allows a redirect from port 80 to 443 (HTTPS). As a result, Commerce normally communicates securely over HTTPS. However, the confidentiality and integrity of data sent on the first request before the redirect may be impacted if the client is configured to use HTTP and sends confidential data on the first request before the redirect."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-08T07:13:04.452Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/3543274"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2025-26654",
    "datePublished": "2025-04-08T07:13:04.452Z",
    "dateReserved": "2025-02-12T21:05:31.735Z",
    "dateUpdated": "2025-04-09T04:00:45.108Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted