Authorization Check Flaw in SAP Landscape Transformation's PCL Basis Module
CVE-2025-43011

7.7HIGH

Key Information:

Vendor

SAP
Status
SAP Landscape Transformation
Vendor
CVE Published:
13 May 2025

What is CVE-2025-43011?

The PCL Basis module in SAP Landscape Transformation exhibits a significant security issue wherein it fails to execute necessary authorization checks under certain conditions. This flaw allows authenticated users to gain access to restricted functionalities or sensitive data, potentially compromising the confidentiality of critical information. While the integrity and availability of the application remain intact, organizations using the affected modules should take immediate action to mitigate the risks associated with this vulnerability.

References

https://me.sap.com/notes/3591978
https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

.
CVE-2025-43011 : Authorization Check Flaw in SAP Landscape Transformation's PCL Basis Module