CVE-2025-42954
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-08
Assigner: SAP SE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sap | netweaver_business_warehouse | 3.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-835 | The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause high CPU load by executing RFC enabled function modules without any input parameters. This excessive CPU usage can reduce the performance or interrupt the operation of the affected application.
How can this vulnerability impact me? :
The vulnerability can lead to reduced performance or interrupted operation of the SAP NetWeaver Business Warehouse application due to high CPU load. However, it has a low impact on availability and does not affect confidentiality or integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability does not impact confidentiality or integrity, so it is unlikely to directly affect compliance with standards and regulations such as GDPR or HIPAA that focus on protecting data privacy and integrity.