CNNVD-202510-2082 Information

CNNVD ID

CNNVD-202510-2082

Related CVE

CVE-2025-42903

• CNNVD Published: 2025-10-14

Description (Chinese)

SAP Financial Service Claims Management是德国思爱普（SAP）公司的一个金融服务网络平台。 SAP Financial Service Claims Management存在安全漏洞，该漏洞源于ICL_USER_GET_NAME_AND_ADDRESS RFC函数存在响应差异，可能导致用户枚举和个人数据泄露。

Description (English)

SAP Financial Services Management is a financial services network platform of SAP, Germany. There is a security loophole in SAP Financial Service Claims Management, which stems from the difference in response from the ICL USER GET NAME AND ADRESS RFC function, which may lead to the leaking of user count and personal data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

思爱普

Published

2025-10-14

Last Modified

2026-02-24

References

https://me.sap.com/notes/3656781 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42903

Patch

https://www.sap.com/index.html