CVE-2025-30015 Information
Apr 09, 2025
cve
Description
Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP) an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality integrity and the availability of the application.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
Reference
https://me.sap.com/notes/3565944 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
LOW
Base Severity
4.1
Share on: