SAP MDM Server Session Hijacking Vulnerability Allowing Unauthorized Function Execution

Vulnerability

A vulnerability in SAP MDM Server allows an attacker to hijack existing client sessions and execute certain functions without re-authenticating. This could lead to unauthorized access or modification of non-sensitive information, or the consumption of resources that degrade server performance.

Impact

Exploitation of this vulnerability could result in session hijacking, allowing attackers to execute functions on behalf of the user and potentially access or modify information or disrupt server performance.

Remediation

Users are advised to review and implement the SAP Security Notes available in SAP for Me. SAP Security Patch Day occurs on the second Tuesday of every month, when SAP publishes important security updates. For more information, consult the SAP Security Notes FAQ.

Added: Jun 10, 2025, 1:19 AM
Updated: Jun 10, 2025, 1:19 AM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 1.9
exploitability: 7.0
remediation: 6.0
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.