CVE-2025-31331

Medium CVSS: 4.3

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.

Vendor

Product

CWE

CWE-863

Yayın Tarihi

2025-04-08 08:15:17

Güncelleme

2025-04-08 18:13:53

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-863 MEDIUM 2025

Referanslar

https://me.sap.com/notes/3577131 https://url.sap/sapsecuritypatchday