CNNVD-202511-1299 Information

CNNVD ID

CNNVD-202511-1299

Related CVE

CVE-2025-42889

• CNNVD Published: 2025-11-11

Description (Chinese)

SAP S/4HANA是德国思爱普（SAP）公司的一个基于 SAP HANA 内存数据库系统的的企业资源管理软件。 SAP S/4HANA存在SQL注入漏洞，该漏洞源于经过身份验证的攻击者可执行特制数据库查询，可能导致后端数据库暴露。

Description (English)

SAP S/4HANA is an enterprise resource management software based on the SAP HANA memory database system of SAP Germany. SAP S/4HANA has a leak in SQL, which stems from the fact that an identified assailant can perform a specific database search, which could lead to exposure to the back end database.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

思爱普

Published

2025-11-11

Last Modified

2026-02-24

References

https://me.sap.com/notes/2886616 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42889

Patch

https://url.sap/sapsecuritypatchday