CVE-2025-42958

Critical CVSS: 9.1

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a high impact on the confidentiality, integrity, and availability of the application.

Vendor

Product

CWE

CWE-250

Yayın Tarihi

2025-09-09 02:15:42

Güncelleme

2025-09-09 16:28:43

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-250 CRITICAL 2025

Referanslar

https://me.sap.com/notes/3627373 https://url.sap/sapsecuritypatchday