CVE-2025-30014

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://me.sap.com/notes/2927164", "name": "https://me.sap.com/notes/2927164", "tags": [], "refsource": ""}, {"url": "https://url.sap/sapsecuritypatchday", "name": "https://url.sap/sapsecuritypatchday", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don?t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-35"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-30014", "ASSIGNER": "cna@sap.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.1}}, "publishedDate": "2025-04-08T08:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-08T08:15Z"}