CVE-2025-42909

Low CVSS: 3.0

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not impacted.

Vendor

Product

CWE

CWE-1004

Yayın Tarihi

2025-10-14 01:15:32

Güncelleme

2025-10-14 19:36:29

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-1004 LOW 2025

Referanslar

https://me.sap.com/notes/3643871 https://url.sap/sapsecuritypatchday