CVE-2026-23681

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

CVE-2025-42952

SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short dumps on login. Thi...

PT-2025-28275 · Sap · Sap Plug-In Basis +1

Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse and SAP Plug-In Basis affected versions not specified Description: The issue allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. ...

CVE-2025-42983

Affected product: SAP Business Warehouse and SAP Plug-In Basis. vulnerability: missing authorization checks allow an authenticated attacker to drop arbitrary SAP database tables and delete entries, potentially causing data loss and system unavailability; no data reading is possible. root cause: l...