CVE-2025-42998

Medium CVSS: 5.3

The security settings in the SAP Business One Integration Framework are not adequately checked, allowing attackers to bypass the 403 Forbidden error and access restricted pages. This leads to low impact on confidentiality of the application, there is no impact on integrity and availability.

Vendor

Product

CWE

CWE-346

Yayın Tarihi

2025-06-10 01:15:23

Güncelleme

2025-06-12 16:06:39

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-346 MEDIUM 2025

Referanslar

https://me.sap.com/notes/3594258 https://url.sap/sapsecuritypatchday