Description
SAP Fiori Launchpad allows attackers to craft malicious URLs that trigger arbitrary service calls on the Fiori domain; when opened by the user, such a URL could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system, causing low impact on Confidentiality and Integrity. Availability of the system is not impacted.
Published: 2026-06-09
Score: 4.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability allows an attacker to craft a malicious URL that, when opened by a user, triggers a service call on the SAP Fiori Launchpad domain and can lead to account compromise through stolen credentials. The weakness is recorded as path traversal (CWE-35). The CVSS vector rates confidentiality and integrity impact as low, availability as unaffected and scope as unchanged, so the effect is bounded to the victim's session rather than the system as a whole. The overall effect is moderate because exploitation relies on advanced system knowledge and user interaction.

Affected Systems

SAP Fiori (launchpad) from SAP SE; no specific version data is available.

Risk and Exploitability

The CVSS 3.1 base score of 4.2 (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N) falls in the Medium range. EPSS is below 1% and the vulnerability is not listed in the CISA KEV catalog; the SSVC assessment records no known exploitation and rates the flaw as not automatable. The attack vector is a network request: the attacker crafts a URL, the victim opens it, and the launchpad then issues an unintended service call on its own domain. The high attack complexity reflects the advanced system knowledge the adversary must possess, so the likelihood of exploitation is relatively low but not negligible. Because the weakness is classified as path traversal, attacker-controlled input in the URL influences which service is called, potentially leading to credential theft.

Generated by OpenCVE AI on June 9, 2026 at 02:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any SAP security update for SAP Fiori launchpad that addresses the path traversal flaw; if no patch exists, contact SAP for guidance.
  • Restrict the launchpad configuration to disallow arbitrary service calls or limit them to trusted users.
  • Configure a web application firewall or equivalent filtering to block URLs containing path traversal patterns, including percent-encoded and double-encoded variants, before they reach the application.
  • Educate users about the risks of clicking unknown links that target SAP Fiori resources.

Generated by OpenCVE AI on June 9, 2026 at 02:52 UTC.
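The third recommended action above depends on a filter that recognizes traversal patterns before the request reaches the application. The following is an added example, not code from the advisory, from SAP, or from OpenCVE, contrasting a naive substring match with a check that percent-decodes repeatedly (to unwind double encoding), treats backslashes as separators, and flags only a whole `..` segment, so a filename such as report..v2.pdf is not a false positive. The access log lines, client address and /fiori/launchpad paths are constructed for illustration and are not real Fiori Launchpad endpoints.

```python
"""Decoding-aware path-traversal detector run over constructed access log lines.

Added example; not part of the advisory, SAP's code, or OpenCVE's analysis.
All log lines, hosts and paths below are constructed for illustration.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

MAX_DECODE_ROUNDS = 3  # enough to unwind double/triple percent-encoding

# Pulls the request target out of a common-log-format line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/')


def fully_decode(value: str, rounds: int = MAX_DECODE_ROUNDS) -> str:
    """Percent-decode until the string stops changing (bounded), so that
    %252e%252e -> %2e%2e -> .. is seen for what it is."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_dotdot_segment(value: str) -> bool:
    """True if, after decoding, the value contains a whole '..' path segment.
    Backslashes count as separators; '..' inside a filename (report..v2.pdf)
    is not a traversal and is not flagged."""
    normalized = fully_decode(value).replace("\\", "/")
    return ".." in normalized.split("/")


def has_traversal(url: str) -> bool:
    """Check the path and every query value of a request target for traversal."""
    parts = urlsplit(url)
    if has_dotdot_segment(parts.path):
        return True
    # parse_qsl removes one encoding layer; fully_decode handles any further layers.
    return any(has_dotdot_segment(v)
               for _, v in parse_qsl(parts.query, keep_blank_values=True))


def naive_has_traversal(url: str) -> bool:
    """The raw substring check a hastily written WAF rule might use, for contrast."""
    return ".." in url


def scan_log(lines):
    """Return [(line_number, url)] for requests flagged by the decoding-aware check."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_traversal(match.group("url")):
            hits.append((number, match.group("url")))
    return hits


# Constructed sample log: one clean request, raw / single-encoded / double-encoded /
# backslash traversals, and a harmless filename containing '..'.
SAMPLE_LOG = [
    '203.0.113.5 - - [09/Jun/2026:10:00:01 +0000] "GET /fiori/launchpad?sap-client=100 HTTP/1.1" 200 512',
    '203.0.113.5 - - [09/Jun/2026:10:00:02 +0000] "GET /fiori/launchpad/../../private/config HTTP/1.1" 403 0',
    '203.0.113.5 - - [09/Jun/2026:10:00:03 +0000] "GET /fiori/launchpad/%2e%2e/%2e%2e/private/config HTTP/1.1" 200 88',
    '203.0.113.5 - - [09/Jun/2026:10:00:04 +0000] "GET /fiori/launchpad?target=%252e%252e%252fadmin HTTP/1.1" 200 88',
    '203.0.113.5 - - [09/Jun/2026:10:00:05 +0000] "GET /fiori/launchpad/report..v2.pdf HTTP/1.1" 200 4096',
    '203.0.113.5 - - [09/Jun/2026:10:00:06 +0000] "GET /fiori/launchpad/..%5c..%5cadmin HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for number, url in scan_log(SAMPLE_LOG):
        print(f"line {number}: traversal in {url}")
```

Run directly, it reports lines 2, 3, 4 and 6; the substring check would report 2, 5 and 6, missing both encoded forms and flagging the harmless filename. The same rule applies to a WAF signature: match on the decoded, separator-normalized path, never on the raw request line.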

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 14:30:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 09:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Sap; Sap fiori Launchpad
Vendors & Products | (none) | Sap; Sap fiori Launchpad

Tue, 09 Jun 2026 01:15:00 +0000

Type | Values Removed | Values Added
Description | (none) | SAP Fiori Launchpad allows attackers to craft malicious URLs that trigger arbitrary service calls on the Fiori domain; when opened by the user, such a URL could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system, causing low impact on Confidentiality and Integrity. Availability of the system is not impacted.
Title | (none) | Path Traversal Vulnerability in SAP Fiori (launchpad)
Weaknesses | (none) | CWE-35
References | (none) | (none)
Metrics | (none) | cvssV3_1 {'score': 4.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: sap

Published:

Updated: 2026-06-09T13:19:44.991Z

Reserved: 2026-01-21T22:15:25.361Z

Link: CVE-2026-24315

Vulnrichment

Updated: 2026-06-09T13:19:41.113Z

NVD

Status : Awaiting Analysis

Published: 2026-06-09T01:16:45.740

Modified: 2026-06-09T02:08:28.150

Link: CVE-2026-24315

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T08:45:37Z

Weaknesses