Description
An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would otherwise be restricted. It has no impact on integrity or availability on the application.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-1497 | An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would otherwise be restricted. It has no impact on integrity or availability on the application. |
References
History
Tue, 14 Jan 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jan 2025 00:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would otherwise be restricted. It has no impact on integrity or availability on the application. | |
| Title | Missing Authorization check in Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2025-01-14T15:03:46.979Z
Reserved: 2024-12-11T05:05:11.460Z
Link: CVE-2025-0068
Updated: 2025-01-14T15:03:34.078Z
Status : Deferred
Published: 2025-01-14T01:15:17.107
Modified: 2026-06-17T08:25:45.007
Link: CVE-2025-0068
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-862
Missing Authorization
EUVD