CVE-2025-42968

🗓️ 08 Jul 2025 00:36:31Reported by sapType

SAP NetWeaver allows non-administrative users to access system information, impacting confidentiality.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-42968	8 Jul 202503:26	–	circl
CNNVD	SAP NetWeaver 安全漏洞	8 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-42968 Missing Authorization check in SAP NetWeaver (RFC enabled function module)	8 Jul 202500:36	–	cvelist
EUVD	EUVD-2025-20341	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	9 Jul 202508:29	–	ncsc
NVD	CVE-2025-42968	8 Jul 202501:15	–	nvd
Positive Technologies	PT-2025-28287 · Sap · Sap Netweaver	8 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42968	10 Jul 202501:30	–	redhatcve
Vulnrichment	CVE-2025-42968 Missing Authorization check in SAP NetWeaver (RFC enabled function module)	8 Jul 202500:36	–	vulnrichment

NVD

Vulners

Node

sap netweaverMatch700

sap netweaverMatch701

sap netweaverMatch702

sap netweaverMatch710

sap netweaverMatch731

sap netweaverMatch740

sap netweaverMatch750

sap netweaverMatch751

sap netweaverMatch752

sap netweaverMatch753

sap netweaverMatch754

sap netweaverMatch755

sap netweaverMatch756

sap netweaverMatch757

sap netweaverMatch758

sap netweaverMatch816

sap netweaverMatch914

sap netweaverMatch916

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver (RFC enabled function module)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BW 700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "710"
      },
      {
        "status": "affected",
        "version": "731"
      },
      {
        "status": "affected",
        "version": "740"
      },
      {
        "status": "affected",
        "version": "750"
      },
      {
        "status": "affected",
        "version": "751"
      },
      {
        "status": "affected",
        "version": "752"
      },
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "755"
      },
      {
        "status": "affected",
        "version": "756"
      },
      {
        "status": "affected",
        "version": "757"
      },
      {
        "status": "affected",
        "version": "758"
      },
      {
        "status": "affected",
        "version": "816"
      },
      {
        "status": "affected",
        "version": "914"
      },
      {
        "status": "affected",
        "version": "916"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3621037
url	www.url.sap/sapsecuritypatchday

27 Oct 2025 16:57Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.14.3 - 5

EPSS0.0016

SSVC

CWE-862

cve-2025-42968 sap netweaver remote function access non-administrative user confidentiality impact