← voltar
CVE-2025-42997

Information Disclosure vulnerability in SAP Gateway Client

CVSS 6.6 MEDIUMEPSS 0.2%CWE-732
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 mai 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influencing application behavior or performance through misuse of the exposed data, this may potentially lead to low impact on confidentiality, integrity, and availability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Produtos afetados
SAP_SE · SAP Gateway Client

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://me.sap.com/notes/3577300https://url.sap/sapsecuritypatchday