Количество 3
Количество 3
CVE-2025-42875
The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the application.
GHSA-jg7f-v8jg-x732
The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the application.
BDU:2025-16272
Уязвимость сервера веб-приложений SAP NetWeaver Internet Communication Framework, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю обойти существующие ограничения безопасности
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-42875 The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the application. | CVSS3: 6.6 | 0% Низкий | 2 месяца назад |
| GHSA-jg7f-v8jg-x732 The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the application. | CVSS3: 6.6 | 0% Низкий | 2 месяца назад |
 | BDU:2025-16272 Уязвимость сервера веб-приложений SAP NetWeaver Internet Communication Framework, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю обойти существующие ограничения безопасности | CVSS3: 6.6 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу