Unauthorized Access Vulnerability in SAP NetWeaver Application Server for ABAP
CVE-2025-0053

Currently unrated

Key Information:

Vendor
SAP
Vendor
CVE Published:
14 January 2025

Summary

The SAP NetWeaver Application Server for ABAP is susceptible to a vulnerability that allows an unauthorized individual to access sensitive system information. By exploiting a specific URL parameter, an unauthenticated attacker can retrieve critical details about system configuration. While this vulnerability has a limited impact on the application's confidentiality, it can be used as a stepping stone for subsequent attacks or exploits, emphasizing the need for timely security measures.

References

https://me.sap.com/notes/3536461
https://url.sap/sapsecuritypatchday

Timeline

  • Vulnerability published

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.