CVE-2025-42916

High CVSS: 8.1

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database but no impact on confidentiality.

Vendor

Product

CWE

CWE-1287

Yayın Tarihi

2025-09-09 02:15:39

Güncelleme

2025-09-09 16:28:43

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-1287 HIGH 2025

Referanslar

https://me.sap.com/notes/3635475 https://url.sap/sapsecuritypatchday