CVE-2025-0066

CVE-2025-0066

Information

CVE_ID              : CVE-2025-0066
Severity            : CRITICAL
Published        : 2025-01-14T01:15:16.783
LastModified  : 2025-01-14T01:15:16.783
Updated          : 2025-01-14T01:15:16.783
Status              : Awaiting Analysis

Descriptions:

Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application


Know Exploitability

Exploitability : False

Vendor Affected

CVE-2025-0066

V4.0

V3.1

Score : 9.9
Severity : CRITICAL
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : LOW
User Interaction : NONE
Scope : CHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 3.1
Impact Score : 6.0

V3.0

V2.0

References

https://me.sap.com/notes/3550708

https://url.sap/sapsecuritypatchday

Vendor Product