SAP Gateway Client Vulnerability Exposes Restricted Information
CVE-2025-42997

6.6MEDIUM

Key Information:

Vendor

SAP

Vendor
CVE Published:
13 May 2025

What is CVE-2025-42997?

Under certain circumstances, the SAP Gateway Client can allow high-privileged users to access information that should be restricted, which can be misused to influence application functionality or performance. This exposure poses a risk to the confidentiality, integrity, and availability of sensitive data within the application, highlighting the need for prompt attention to security measures.

Affected Version(s)

SAP Gateway Client SAP_GWFND 752

SAP Gateway Client 753

SAP Gateway Client 754

References

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

.