Description
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application
Scores
CVSS v3
9.9
EPSS
0.0009
EPSS Percentile
26.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-732
Status
published
Products (17)
sap/sap_basis
700
sap/sap_basis
701
sap/sap_basis
702
sap/sap_basis
731
sap/sap_basis
740
sap/sap_basis
750
sap/sap_basis
751
sap/sap_basis
752
sap/sap_basis
753
sap/sap_basis
754
... and 7 more
Published
Jan 14, 2025
Tracked Since
Feb 18, 2026