CNNVD-202511-1295 Information

CNNVD ID

CNNVD-202511-1295

Related CVE

CVE-2025-42894

• CNNVD Published: 2025-11-11

Description (Chinese)

SAP Business Connector是德国思爱普（SAP）公司的一种中间件。 SAP Business Connector存在路径遍历漏洞，该漏洞源于路径遍历漏洞，可能导致读取、写入、覆盖和删除主机系统上的任意文件，进而执行任意操作系统命令，完全破坏受影响系统的机密性、完整性和可用性。

Description (English)

SAP Business Contractor is an intermediate of SAP in Germany. SAP Business Contractor has a loophole in the path that can lead to the reading, writing, covering and removal of random files from the mainframe system, thus giving effect to arbitrary operating system orders that completely undermine the confidentiality, integrity and availability of the affected system.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

思爱普

Published

2025-11-11

Last Modified

2026-02-24

References

https://me.sap.com/notes/3666038 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42894

Patch

https://url.sap/sapsecuritypatchday