{"id":71606,"date":"2025-10-14T04:45:32","date_gmt":"2025-10-14T01:15:32","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-42906-directory-traversal-vulnerability-in-sap-commerce-cloud\/"},"modified":"2025-10-14T04:45:32","modified_gmt":"2025-10-14T01:15:32","slug":"cve-2025-42906-directory-traversal-vulnerability-in-sap-commerce-cloud","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-42906-directory-traversal-vulnerability-in-sap-commerce-cloud\/","title":{"rendered":"CVE-2025-42906 &#8211; Directory Traversal vulnerability in SAP Commerce Cloud"},"content":{"rendered":"<p>CVE ID : CVE-2025-42906<\/p>\n<p>Published :  Oct. 14, 2025, 1:15 a.m. | 1\u00a0hour, 24\u00a0minutes ago<\/p>\n<p>Description : SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web applications such as the Administration Console from addresses where the Administration Console is not explicitly deployed. This could potentially bypass configured access restrictions, resulting in a low impact on confidentiality, with no impact on the integrity or availability of the application.<\/p>\n<p>Severity: 5.3 | MEDIUM<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-42906 Published : Oct. 14, 2025, 1:15 a.m. | 1\u00a0hour, 24\u00a0minutes ago Description : SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web applications such as the Administration Console from addresses where the Administration Console is not explicitly deployed. This could potentially bypass configured access restrictions, &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-71606","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=71606"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71606\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=71606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=71606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=71606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}