CVE-2025-42960
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact on the confidentiality and availability of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | DW4CORE 100 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 200 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 300 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 400 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | SAP_BW 700 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 701 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 702 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 731 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 740 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 750 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 751 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 752 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 753 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 754 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 755 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 756 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 757 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 758 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | 816 | affected |
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA BEx Tools | SAP_BW_VIRTUAL_COMP 701 | affected |
Weaknesses
- CWE-862: CWE-862: Missing Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.