Information Disclosure Vulnerability in SAP Business Workflow and Flexible Workflow
CVE-2025-0058

Currently unrated

Key Information:

Vendor: SAP
Vendor: CVE Published:; 14 January 2025

Summary

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker may exploit a parameter within a legitimate resource request. This manipulation enables the attacker to access sensitive information that is generally restricted, although they cannot modify or delete the information.

References

https://me.sap.com/notes/3542698

https://url.sap/sapsecuritypatchday

Timeline

Vulnerability published
Jan 14, 2025