CVE-2025-42954

🗓️ 08 Jul 2025 00:34:51Reported by sapType

SAP NetWeaver Business Warehouse vulnerability allows CPU overload from unauthorized RFC function execution.

Reporter	Title	Published	Views	Family All 8
CNNVD	SAP NetWeaver Business Warehouse 安全漏洞	8 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-42954 Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application)	8 Jul 202500:34	–	cvelist
EUVD	EUVD-2025-20351	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	9 Jul 202508:29	–	ncsc
NVD	CVE-2025-42954	8 Jul 202501:15	–	nvd
Positive Technologies	PT-2025-28277 · Sap · Sap Netweaver Business Warehouse	8 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42954	10 Jul 202501:31	–	redhatcve
Vulnrichment	CVE-2025-42954 Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application)	8 Jul 202500:34	–	vulnrichment

Vulners

Node

sap netweaver_business_warehouseMatch100

sap netweaver_business_warehouseMatch200

sap netweaver_business_warehouseMatch300

sap netweaver_business_warehouseMatch400

sap netweaver_business_warehouseMatch700

sap netweaver_business_warehouseMatch701

sap netweaver_business_warehouseMatch702

sap netweaver_business_warehouseMatch731

sap netweaver_business_warehouseMatch740

sap netweaver_business_warehouseMatch750

sap netweaver_business_warehouseMatch751

sap netweaver_business_warehouseMatch752

sap netweaver_business_warehouseMatch753

sap netweaver_business_warehouseMatch754

sap netweaver_business_warehouseMatch755

sap netweaver_business_warehouseMatch756

sap netweaver_business_warehouseMatch757

sap netweaver_business_warehouseMatch758

sap netweaver_business_warehouseMatch816

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver Business Warehouse (CCAW application)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "DW4CORE 100"
      },
      {
        "status": "affected",
        "version": "200"
      },
      {
        "status": "affected",
        "version": "300"
      },
      {
        "status": "affected",
        "version": "400"
      },
      {
        "status": "affected",
        "version": "SAP_BW 700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "740"
      },
      {
        "status": "affected",
        "version": "750"
      },
      {
        "status": "affected",
        "version": "751"
      },
      {
        "status": "affected",
        "version": "752"
      },
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "755"
      },
      {
        "status": "affected",
        "version": "756"
      },
      {
        "status": "affected",
        "version": "757"
      },
      {
        "status": "affected",
        "version": "758"
      },
      {
        "status": "affected",
        "version": "816"
      },
      {
        "status": "affected",
        "version": "SAP_BW_VIRTUAL_COMP 701"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3608156

15 Apr 2026 00:35Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.12.7

EPSS0.00134

SSVC

CWE-835