CVE-2025-42952

🗓️ 08 Jul 2025 00:34:32Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 16 Views

Auth attacker can add fields to SAP tables, risking system availability via short dumps on login.

Reporter	Title	Published	Views	Family All 8
CNNVD	SAP Business Warehouse和SAP Plug-In Basis 安全漏洞	8 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-42952 Missing Authorization check in SAP Business Warehouse and SAP Plug-In Basis	8 Jul 202500:34	–	cvelist
EUVD	EUVD-2025-20353	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	9 Jul 202508:29	–	ncsc
NVD	CVE-2025-42952	8 Jul 202501:15	–	nvd
Positive Technologies	PT-2025-28275 · Sap · Sap Plug-In Basis +1	8 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42952	10 Jul 202501:30	–	redhatcve
Vulnrichment	CVE-2025-42952 Missing Authorization check in SAP Business Warehouse and SAP Plug-In Basis	8 Jul 202500:34	–	vulnrichment

Vulners

Node

sap business_warehouseMatch2006

sap plug-in_basisMatch2006

sap business_warehouseMatch701

sap plug-in_basisMatch701

sap business_warehouseMatch702

sap plug-in_basisMatch702

sap business_warehouseMatch731

sap plug-in_basisMatch731

sap business_warehouseMatch740

sap plug-in_basisMatch740

sap business_warehouseMatch700

sap plug-in_basisMatch700

sap business_warehouseMatch750

sap plug-in_basisMatch750

sap business_warehouseMatch751

sap plug-in_basisMatch751

sap business_warehouseMatch752

sap plug-in_basisMatch752

sap business_warehouseMatch753

sap plug-in_basisMatch753

sap business_warehouseMatch754

sap plug-in_basisMatch754

sap business_warehouseMatch755

sap plug-in_basisMatch755

sap business_warehouseMatch756

sap plug-in_basisMatch756

sap business_warehouseMatch757

sap plug-in_basisMatch757

sap business_warehouseMatch758

sap plug-in_basisMatch758

sap business_warehouseMatch816

sap plug-in_basisMatch816

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Business Warehouse and SAP Plug-In Basis",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "PI_BASIS 2006_1_700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "740"
      },
      {
        "status": "affected",
        "version": "SAP_BW 700"
      },
      {
        "status": "affected",
        "version": "750"
      },
      {
        "status": "affected",
        "version": "751"
      },
      {
        "status": "affected",
        "version": "752"
      },
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "755"
      },
      {
        "status": "affected",
        "version": "756"
      },
      {
        "status": "affected",
        "version": "757"
      },
      {
        "status": "affected",
        "version": "758"
      },
      {
        "status": "affected",
        "version": "816"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3623255

15 Apr 2026 00:35Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.17.7

EPSS0.00227

SSVC

CWE-862