CVE-2026-0513
Unknown Unknown - Not Provided
Open Redirect Vulnerability in SAP SRM SICF Handler

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: SAP SE

Description
Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site.This causes low impact on integrity of the application. Confidentiality and availability are not impacted.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-13
EPSS Evaluated
2026-06-15
NVD
CVE-2026-0513
EUVD
EUVD-2026-2375
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sap supplier_relationship_management *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Open Redirect in SAP Supplier Relationship Management (SICF Handler in SRM Catalog). An unauthenticated attacker can create a malicious URL that, when clicked by a victim, redirects them to a site controlled by the attacker. This affects the integrity of the application but does not impact confidentiality or availability.

Compliance Impact

The vulnerability causes a low impact on the integrity of the application but does not affect confidentiality or availability. There is no specific information provided about its direct effect on compliance with standards like GDPR or HIPAA.

Impact Analysis

The impact of this vulnerability is low on the integrity of the application. It could potentially be used to redirect users to malicious sites, which might lead to phishing or other social engineering attacks. However, it does not affect the confidentiality or availability of the system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0513. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart