← voltar
CVE-2025-30015

Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP)

CVSS 4.1 MEDIUMEPSS 0.2%CWE-787
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.1EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
08 abr 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality, integrity and the availability of the application.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
SAP_SE · SAP NetWeaver and ABAP Platform (Application Server ABAP)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://me.sap.com/notes/3565944https://url.sap/sapsecuritypatchday