Authorization Bypass in SAP NetWeaver
CVE-2025-31331
4.3MEDIUM
What is CVE-2025-31331?
SAP NetWeaver is affected by a vulnerability that allows an attacker to circumvent authorization checks, providing unauthorized access to sensitive portions of ABAP code. This occurs after the attacker gains entry into the ABAP system, where they can execute specific transactions that reveal critical system code without the necessary validation. Such exploitation threatens the confidentiality of the system's internal operations and sensitive information.
Affected Version(s)
SAP NetWeaver SAP_ABA 700
SAP NetWeaver 701
SAP NetWeaver 702