CVE-2025-42878 Sensitive Data Exposure in SAP Web Dispatcher and Internet Communication Manager (ICM)

🗓️ 09 Dec 2025 02:14:59Reported by sapType

CVE-2025-42878: SAP Web Dispatcher and ICM expose internal testing interfaces, enabling unauthenticated diagnostics access and disruption.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-42878	9 Dec 202503:05	–	circl
CNNVD	SAP Web Dispatcher和SAP Internet Communication Manager 安全漏洞	9 Dec 202500:00	–	cnnvd
CVE	CVE-2025-42878	9 Dec 202502:14	–	cve
EUVD	EUVD-2025-201849	9 Dec 202518:30	–	euvd
NCSC	Vulnerabilities fixed in SAP Software	12 Dec 202509:29	–	ncsc
NVD	CVE-2025-42878	9 Dec 202516:17	–	nvd
Positive Technologies	PT-2025-49768	9 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42878	10 Dec 202502:32	–	redhatcve
Vulnrichment	CVE-2025-42878 Sensitive Data Exposure in SAP Web Dispatcher and Internet Communication Manager (ICM)	9 Dec 202502:14	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Web Dispatcher and Internet Communication Manager (ICM)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "KRNL64NUC 7.22"
      },
      {
        "status": "affected",
        "version": "7.22EXT"
      },
      {
        "status": "affected",
        "version": "KRNL64UC 7.22"
      },
      {
        "status": "affected",
        "version": "7.53"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.22_EXT"
      },
      {
        "status": "affected",
        "version": "7.54"
      },
      {
        "status": "affected",
        "version": "7.77"
      },
      {
        "status": "affected",
        "version": "7.89"
      },
      {
        "status": "affected",
        "version": "7.93"
      },
      {
        "status": "affected",
        "version": "9.16"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.22"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3684682

09 Dec 2025 02:14Current

CVSS 3.18.2

EPSS0.00097

CWE-1244