CVE-2026-0510

Low CVSS: 3.0

The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially leading to partial disclosure of sensitive information.This has low impact on confidentiality with no impact on integrity and availability of the application.

Vendor

Product

CWE

CWE-326

Yayın Tarihi

2026-01-13 02:15:53

Güncelleme

2026-01-13 14:03:18

Source Identifier

cna@sap.com

KEV Date Added

Kategoriler

CWE-326 LOW 2026

Referanslar

https://me.sap.com/notes/3593356 https://url.sap/sapsecuritypatchday