CVE-2025-42954 Information
Jul 09, 2025
cve
Description
SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application there is no impact on confidentiality and integrity.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Reference
https://me.sap.com/notes/3608156 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
LOW
Base Severity
2.7
Related CNNVD
CNNVD-202507-798 (Published: 2025-07-08)
Share on: