CVE-2025-30011: CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere in SAP_SE SAP Supplier Relationship Management (Live Auction Cockpit)
The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated Java applet component within the affected SRM packages, which allows an unauthenticated attacker to send a malicious request to the application that could disclose the internal version details of the affected system. This vulnerability has a low impact on confidentiality, with no effect on the integrity or availability of the application.
AI Analysis
Technical Summary
CVE-2025-30011 is a medium-severity vulnerability affecting SAP Supplier Relationship Management (SRM) version 7.14, specifically within the Live Auction Cockpit component. This vulnerability arises from the use of a deprecated Java applet component embedded in the affected SRM packages. An unauthenticated attacker can exploit this flaw by sending a specially crafted malicious request to the Live Auction Cockpit application. Successful exploitation results in the disclosure of sensitive internal system information, specifically the internal version details of the affected SAP SRM system. The vulnerability is categorized under CWE-497, which involves the exposure of sensitive system information to an unauthorized control sphere. According to the CVSS 3.1 scoring, the vulnerability has a base score of 5.3 (medium severity), with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact is limited to confidentiality, with no effect on integrity or availability. No known exploits are currently reported in the wild, and no official patches have been published yet. The exposure of internal version details could potentially aid attackers in crafting more targeted attacks or identifying other vulnerabilities in the system, although the direct impact on system operations is limited.
Potential Impact
For European organizations using SAP SRM 7.14 with the Live Auction Cockpit, this vulnerability poses a moderate risk primarily related to information disclosure. While the direct confidentiality impact is low, the leakage of internal version details can facilitate reconnaissance activities by threat actors, enabling them to tailor subsequent attacks or exploit other vulnerabilities specific to the disclosed versions. This is particularly relevant for organizations in sectors with high reliance on SAP SRM for supplier and procurement management, such as manufacturing, automotive, pharmaceuticals, and large-scale retail. The lack of impact on integrity and availability means operational disruptions or data tampering are unlikely from this vulnerability alone. However, in the context of a multi-stage attack, this information disclosure could be a stepping stone for more severe compromises. Given the unauthenticated and network-accessible nature of the vulnerability, attackers can attempt exploitation remotely without prior access, increasing the risk surface. European organizations with complex supply chains and integrations relying on SAP SRM should be vigilant, as attackers may leverage this information to target supply chain processes or gain footholds in enterprise environments.
Mitigation Recommendations
To mitigate CVE-2025-30011, European organizations should take the following specific actions:
- Disable or remove the deprecated Java applet component in the Live Auction Cockpit if it is not essential for business operations; Java applets are deprecated and pose security risks.
- Restrict network access to the SAP SRM Live Auction Cockpit interface through network segmentation and firewall rules, limiting exposure to trusted internal networks or VPN users only.
- Monitor and log all access attempts to the Live Auction Cockpit component to detect unusual or unauthorized requests that may indicate exploitation attempts.
- Engage with SAP support channels to obtain any forthcoming patches or security advisories related to this vulnerability, and apply them promptly once available.
- Conduct regular security assessments and penetration testing focused on SAP SRM components to identify and remediate similar information disclosure issues.
- Educate IT and security teams about the risks associated with deprecated technologies such as Java applets, and encourage migration to modern, secure alternatives.
- Implement strict access controls and authentication mechanisms around SAP SRM interfaces to reduce the attack surface. Although this vulnerability does not require authentication, limiting access still reduces overall risk.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: sap
- Date Reserved: 2025-03-13T18:03:35.488Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9815c4522896dcbd5eee
Added to database: 5/21/2025, 9:08:37 AM
Last enriched: 7/6/2025, 6:40:32 PM
Last updated: 8/7/2025, 3:07:54 PM
Related Threats
- CVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 (Low)
- CVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20 (High)
- CVE-2025-9088: Stack-based Buffer Overflow in Tenda AC20 (High)
- CVE-2025-9087: Stack-based Buffer Overflow in Tenda AC20 (High)
- CVE-2025-8878: CWE-94 Improper Control of Generation of Code ('Code Injection') in properfraction Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress (Medium)