CVE-2025-26655

🗓️ 11 Mar 2025 00:35:06Reported by sapType

SAP Just In Time lacks authorization checks, allowing privilege escalation for authenticated users.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-26655	11 Mar 202501:41	–	circl
CNNVD	SAP Just In Time 安全漏洞	11 Mar 202500:00	–	cnnvd
Cvelist	CVE-2025-26655 Missing Authorization check in SAP JIT(Outbound)	11 Mar 202500:35	–	cvelist
EUVD	EUVD-2025-7699	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP software	11 Mar 202512:20	–	ncsc
NVD	CVE-2025-26655	11 Mar 202501:15	–	nvd
RedhatCVE	CVE-2025-26655	15 Mar 202504:28	–	redhatcve
Vulnrichment	CVE-2025-26655 Missing Authorization check in SAP JIT(Outbound)	11 Mar 202500:35	–	vulnrichment

Vulners

Node

sap s4coreMatch102

sap just_in_timeMatch103

sap just_in_timeMatch104

sap just_in_timeMatch105

sap just_in_timeMatch106

sap just_in_timeMatch107

sap just_in_timeMatch618

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Just In Time",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "ECC-DIMP 618"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3347991

15 Apr 2026 00:35Current

7.4High risk

Vulners AI Score7.4

CVSS 3.13.1

EPSS0.00144

SSVC

CWE-862