← back
CVE-2025-31327

OData meta-data property entity tampering in SAP Field Logistics

CVSS 4.3 MEDIUMEPSS 0.2%CWE-472
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Apr 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
SAP_SE · SAP Field Logistics

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://me.sap.com/notes/3359825https://url.sap/sapsecuritypatchday