CVE-2025-25243 — SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any — CVE Database · The Intelligence Room