SAP S/4HANA CRLF Injection in Supplier Invoice
CVE-2025-42934 Published on August 12, 2025
CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice)
SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed (LF) characters into application inputs. This vulnerability has a low impact on the application's integrity and no impact on confidentiality or availability.
Vulnerability Analysis
CVE-2025-42934 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.
Weakness Type
What is a HTTP Response Splitting Vulnerability?
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
CVE-2025-42934 has been classified to as a HTTP Response Splitting vulnerability or weakness.
Products Associated with CVE-2025-42934
Want to know whenever a new CVE is published for SAP S4hana? stack.watch will email you.
Affected Versions
SAP_SE SAP S/4HANA (Supplier invoice):- Version S4CORE 102 is affected.
- Version 103 is affected.
- Version 104 is affected.
- Version 105 is affected.
- Version 106 is affected.
- Version 107 is affected.
- Version 108 is affected.
- Version 109 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.