CVE-2025-43011

Summary

Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP Landscape Transformation (PCL Basis)DMIS 2011_1_700affected
SAP_SESAP Landscape Transformation (PCL Basis)2011_1_710affected
SAP_SESAP Landscape Transformation (PCL Basis)2011_1_730affected
SAP_SESAP Landscape Transformation (PCL Basis)2011_1_731affected
SAP_SESAP Landscape Transformation (PCL Basis)2018_1_752affected
SAP_SESAP Landscape Transformation (PCL Basis)2020affected
SAP_SESAP Landscape Transformation (PCL Basis)S4CORE 102affected
SAP_SESAP Landscape Transformation (PCL Basis)103affected
SAP_SESAP Landscape Transformation (PCL Basis)104affected
SAP_SESAP Landscape Transformation (PCL Basis)105affected
SAP_SESAP Landscape Transformation (PCL Basis)106affected
SAP_SESAP Landscape Transformation (PCL Basis)107affected
SAP_SESAP Landscape Transformation (PCL Basis)108affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References