exploitDog

CVE-2025-31331

Опубликовано: 08 апр. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.

Ссылки

EPSS

Процентиль: 37%

0.0016

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863

Связанные уязвимости

GHSA-jc4p-p49m-8p2p

CVSS3: 4.3

github

10 месяцев назад

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.

BDU:2025-04842

CVSS3: 4.3

fstec

10 месяцев назад

Уязвимость программной интеграционной платформы SAP NetWeaver, связанная с неправильной авторизацией, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 37%

0.0016

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-863