SAP Commerce Cloud Public Cloud: HTTP 80 Redirect Vulnerability
CVE-2025-26654 Published on April 8, 2025

Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud)
SAP Commerce Cloud (Public Cloud) does not allow to disable unencrypted HTTP (port 80) entirely, but instead allows a redirect from port 80 to 443 (HTTPS). As a result, Commerce normally communicates securely over HTTPS. However, the confidentiality and integrity of data sent on the first request before the redirect may be impacted if the client is configured to use HTTP and sends confidential data on the first request before the redirect.

NVD

Vulnerability Analysis

Attack Vector:
ADJACENT_NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE

Weakness Type

Cleartext Transmission of Sensitive Information

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. Many communication channels can be "sniffed" by attackers during data transmission. For example, network traffic can often be sniffed by any attacker who has access to a network interface. This significantly lowers the difficulty of exploitation by attackers.


Products Associated with CVE-2025-26654

Want to know whenever a new CVE is published for SAP Commerce Cloud? stack.watch will email you.

SAP Commerce Cloud
 

Affected Versions

SAP_SE SAP Commerce Cloud (Public Cloud) Version COM_CLOUD 2211 is affected by CVE-2025-26654

Exploit Probability

EPSS
0.05%
Percentile
15.91%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.