Information Disclosure Vulnerability in SAP Promotion Management Wizard
CVE-2025-43000

7.9HIGH

Key Information:

Vendor

SAP
Status
SAP Business Objects Business Intelligence Platform (pmw)
Vendor
CVE Published:
13 May 2025

What is CVE-2025-43000?

The SAP Promotion Management Wizard contains a vulnerability that allows an unauthorized attacker to gain access to sensitive information under certain conditions. This breach results in a compromise of data confidentiality while maintaining low impact on the integrity and availability of the application. Organizations using this tool are advised to apply relevant security patches to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP Business Objects Business Intelligence Platform (PMW) ENTERPRISE 430

SAP Business Objects Business Intelligence Platform (PMW) 2025

SAP Business Objects Business Intelligence Platform (PMW) 2027

References

https://me.sap.com/notes/3586013
https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:
7.9
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

JSON
.