Platform: sap
Component: sap-crm-and-sap-s-4hana-interaction-center
Fixed in: 4.0.1, 200.0.1, 204.0.1, 205.0.1, 206.0.1, 4.0.1, 103.0.1, 104.0.1, 105.0.1, 106.0.1, 107.0.1, 108.0.1, 4.0.1, 701.0.1, 702.0.1, 712.0.1, 713.0.1, 714.0.1, 701.0.1, 731.0.1, 746.0.1, 747.0.1, 748.0.1, 800.0.1, 801.0.1
CVE-2025-27430 describes a Server-Side Request Forgery (SSRF) vulnerability affecting SAP CRM and SAP S/4HANA (Interaction Center) components. This vulnerability allows an attacker with low privileges to send requests to internal network resources, potentially exposing sensitive information. The vulnerability impacts versions of the product up to and including WEBCUIF 701. A patch is available, resolving the issue.
The SSRF vulnerability in SAP CRM and S/4HANA allows an attacker to craft malicious requests that originate from the server itself. This bypasses typical network security controls, enabling access to internal resources that would normally be inaccessible from the outside. Successful exploitation could lead to the exposure of sensitive data stored on internal systems, such as configuration files, database credentials, or proprietary business information. While the vulnerability does not directly impact data integrity or availability, the confidentiality breach can have significant consequences, including compliance violations and reputational damage. The low privilege requirement makes this vulnerability particularly concerning, as it reduces the barrier to entry for potential attackers.
CVE-2025-27430 was publicly disclosed on March 11, 2025. The CVSS score of 3.5 (LOW) indicates a relatively low probability of exploitation, but the potential impact on confidentiality should not be underestimated. There are currently no publicly available proof-of-concept exploits. It is not listed on the CISA KEV catalog as of this writing. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting this vulnerability.
Exploit Status
EPSS: 0.06% (19th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-27430 is to upgrade to version 701.0.1 or later. Prior to upgrading, it's crucial to review SAP's official documentation for compatibility and potential breaking changes. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as restricting outbound network access from the affected component using a Web Application Firewall (WAF) or proxy server. Configure the WAF to block requests to internal IP addresses or specific internal services. Regularly monitor system logs for suspicious outbound requests originating from the SAP CRM/S/4HANA component. After upgrading, confirm the fix by attempting to trigger the SSRF vulnerability and verifying that the request is blocked or redirected.
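As an added example (not from the SAP advisory or this page), the following Python script applies the two workaround steps above offline: it classifies an outbound destination as internal (loopback, private, link-local) so an egress policy can block it, and it scans constructed egress-proxy log lines for such requests from the CRM host. The log format, the host name crm-app01 and the URLs are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample egress-proxy log lines (not real SAP logs):
# timestamp, source host, destination URL, HTTP status
SAMPLE_LOG = """\
2025-03-12T10:01:02Z crm-app01 https://api.partner.example/v1/orders 200
2025-03-12T10:01:05Z crm-app01 http://10.20.30.40/admin/config 200
2025-03-12T10:01:09Z crm-app01 http://169.254.169.254/latest/meta-data/ 200
2025-03-12T10:01:11Z crm-app01 http://127.0.0.1:8000/ 403
2025-03-12T10:01:15Z crm-app01 http://[::1]/ 403
2025-03-12T10:01:20Z crm-app01 https://cdn.example/asset.js 200
"""

def is_internal_destination(url: str) -> bool:
    """True if the URL targets a loopback, private, link-local or other
    non-public address. Only IP literals and 'localhost' are classified;
    hostnames are left to DNS-aware controls (assumption: this runs
    offline, so no name resolution is attempted)."""
    host = urlsplit(url).hostname  # strips port and IPv6 brackets
    if host is None:
        return True  # unparsable destination: flag rather than allow
    if host.lower() == "localhost":
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname, not an IP literal
    return not addr.is_global  # private, loopback, link-local, reserved

def flag_internal_requests(log_text: str) -> list[tuple[str, str]]:
    """Return (source host, URL) for each log line whose destination is internal."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _ts, src, url, _status = parts
        if is_internal_destination(url):
            hits.append((src, url))
    return hits

if __name__ == "__main__":
    for src, url in flag_internal_requests(SAMPLE_LOG):
        print(f"ALERT internal destination requested by {src}: {url}")
```

Feed the same classifier to the egress proxy's allow/deny decision, and run the log scan on a schedule so requests that slip through still produce an alert.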
Apply the security updates provided by SAP. Consult SAP note 3561861 for detailed information on the solution and fixed versions. It is recommended to update to the latest available version.
CVE-2025-27430 is a Server-Side Request Forgery vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allowing attackers to access internal resources. It has a CVSS score of 3.5 (LOW).
You are affected if you are using SAP CRM and SAP S/4HANA (Interaction Center) versions up to and including WEBCUIF 701.
Upgrade to version 701.0.1 or later. Implement WAF rules to restrict outbound network access as a temporary workaround.
There are currently no publicly available proof-of-concept exploits or confirmed reports of active exploitation.
Refer to the official SAP Security Notes for details and remediation guidance. Check the SAP Support Portal for the latest advisory.