SAP-3555364 — Vulnetix

SAP-3555364 PUBLISHED

SameSite Defense in Depth not applied for some cookies in SAP Commerce Product: SAP Commerce, Versions – HY_COM 2205, COM_CLOUD 2211 Severity: Medium (CVSS 6.8)

Timeline

Jan 1, 2025 CVE Published

References

SameSite Defense in Depth not applied for some cookies in SAP Commerce advisory
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/bulletin-2025.html advisory
https://www.cve.org/CVERecord?id=CVE-2025-24875 advisory

Open in Interactive Console →