
Improper Neutralization of HTTP Headers for Scripting Syntax

CVE-2025-23191

Severity Low
Score 3.1/10

Summary

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the `atom:link` values in the returned metadata, redirecting them from the SAP server to a malicious link set by the attacker. Successful exploitation could cause low impact on the integrity of the application.
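The mechanism described above is a Host-header cache-poisoning pattern: a response whose links are derived from the client-supplied Host header is stored in a cache keyed only on the path, so one request with a spoofed Host serves poisoned `atom:link` values to every later client. The following Python is an added illustration, not SAP code and not taken from the advisory; the hostnames, the allowlist, the OData path and the tiny path-keyed cache are constructed assumptions. It places the pattern being fixed beside the hardened form: validate the Host header against a configured allowlist, build link hrefs from canonical configuration rather than the request, and never let a rejected request populate the cache.

```python
import re
from xml.sax.saxutils import escape

# Constructed configuration for the example (assumptions, not SAP's real values).
ALLOWED_HOSTS = frozenset({"erp.example.internal", "erp.example.internal:443"})
CANONICAL_BASE = "https://erp.example.internal/sap/opu/odata/sap/"

# Accept only a plain host[:port] shape; anything else (slashes, '@', spaces) is rejected.
_HOST_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?(?::\d{1,5})?$")


def host_is_allowed(host, allowed=ALLOWED_HOSTS):
    """True only if the Host header is syntactically sane and on the allowlist."""
    if not host or not _HOST_RE.match(host):
        return False
    return host.lower() in allowed


def service_document(base, service, entity_sets):
    """Render a minimal AtomPub service document whose atom:link hrefs hang off `base`."""
    links = "".join(
        '<atom:link rel="self" href="{0}{1}/{2}"/>'.format(
            escape(base), escape(service), escape(entity_set))
        for entity_set in entity_sets
    )
    return ('<?xml version="1.0"?>'
            '<app:service xmlns:app="http://www.w3.org/2007/app" '
            'xmlns:atom="http://www.w3.org/2005/Atom">' + links + "</app:service>")


def vulnerable_handler(headers, service, entity_sets):
    """Pattern being fixed: the link base is derived from the client-controlled Host header."""
    base = "https://" + headers.get("Host", "") + "/sap/opu/odata/sap/"
    return 200, service_document(base, service, entity_sets)


def hardened_handler(headers, service, entity_sets):
    """Reject unexpected Host values; build links from canonical configuration only."""
    if not host_is_allowed(headers.get("Host")):
        return 400, ""  # never reaches the cache (see serve below)
    return 200, service_document(CANONICAL_BASE, service, entity_sets)


class PathKeyedCache:
    """Constructed stand-in for a shared cache that keys responses on the path alone."""

    def __init__(self):
        self.store = {}

    def get(self, key):
        return self.store.get(key)

    def put(self, key, value):
        self.store[key] = value


def serve(handler, cache, headers, path, service, entity_sets):
    """Serve from cache when possible; only successful (200) responses are stored."""
    cached = cache.get(path)
    if cached is not None:
        return 200, cached
    status, body = handler(headers, service, entity_sets)
    if status == 200:
        cache.put(path, body)
    return status, body


if __name__ == "__main__":
    spoofed = {"Host": "evil.example.net"}        # constructed attacker-controlled header
    legit = {"Host": "erp.example.internal"}      # constructed legitimate header
    sets = ["Products"]

    poisoned = PathKeyedCache()
    serve(vulnerable_handler, poisoned, spoofed, "/ZSVC", "ZSVC", sets)
    _, body = serve(vulnerable_handler, poisoned, legit, "/ZSVC", "ZSVC", sets)
    print("vulnerable: legit client receives", body)   # hrefs point at evil.example.net

    clean = PathKeyedCache()
    status, _ = serve(hardened_handler, clean, spoofed, "/ZSVC", "ZSVC", sets)
    _, body = serve(hardened_handler, clean, legit, "/ZSVC", "ZSVC", sets)
    print("hardened: spoofed request got", status, "; legit client receives", body)
```

Two design points worth noting: the allowlist check runs before any cache interaction, so a rejected request cannot leave anything behind for other clients; and the hardened handler does not merely include Host in the cache key (which would also stop cross-client poisoning) because it still leaves the response's own links trusting the header. When a front-end cache or reverse proxy sits in front of the application, the same Host validation belongs there too.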

  • Attack complexity: HIGH
  • Attack vector: NETWORK
  • Privileges required: LOW
  • Scope: UNCHANGED
  • Confidentiality impact: NONE
  • Integrity impact: LOW
  • Availability impact: NONE
  • User interaction: NONE

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

The application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.

References

Advisory Timeline

  • Published