CNNVD-202510-2080 Information

Oct 14, 2025 cve

CNNVD ID

CNNVD-202510-2080

CVE-2025-42908

  • CNNVD Published: 2025-10-14

Description (Chinese)

SAP NetWeaver Application Server for ABAP是德国思爱普(SAP)公司的一个核心应用服务器平台。 SAP NetWeaver Application Server for ABAP存在跨站请求伪造漏洞,该漏洞源于跨站请求伪造漏洞,可能导致绕过授权检查并执行未经授权的交易。

Description (English)

SAP NetWeaver Application Server for AMAP is a core application server platform for SAP Germany. SAP NetWeaver Application Server for AMAP has a false gap in cross-site requests, which stems from cross-site requests for forgery, which may lead to the circumvention of authorized inspections and the execution of unauthorized transactions.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

思爱普

Published

2025-10-14

Last Modified

2026-02-24

References

https://me.sap.com/notes/3642021 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42908

Patch

https://www.sap.com/index.html

Share on: