CVE-2025-42904

Medium CVSS: 6.5

Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without affecting integrity or availability.

Vendor

Product

CWE

CWE-549

Yayın Tarihi

2025-12-09 16:17:52

Güncelleme

2025-12-09 18:36:53

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-549 MEDIUM 2025

Referanslar

https://me.sap.com/notes/3662324 https://url.sap/sapsecuritypatchday