CVE-2025-23191
LOWDescription
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the `atom:link` values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacker. Successful exploitation could cause low impact on integrity of the application.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-23191? +
How severe is CVE-2025-23191? +
How do I check if I'm vulnerable to CVE-2025-23191? +
Related Vulnerabilities
Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially …
Craft CMS is a content management system (CMS). Versions 4.0.0-RC1 and above, prior to 4.18.0 and 5.0.0-RC1, and above, prior …
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of …
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into …
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass …
Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which …