CVE-2025-42960
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-08
Assigner: SAP SE
Description
Description
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.οΏ½It has no impact on the confidentiality and availability of the application.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sap | business_warehouse | * |
| sap | bex_tools | * |
| sap | bw/4hana | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in SAP Business Warehouse and SAP BW/4HANA BEx Tools allows an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This means the attacker can perform actions beyond their normal permissions, such as deleting entries in user tables.
How can this vulnerability impact me? :
The vulnerability can impact you by compromising data integrity, as an attacker could delete user table entries. However, it does not affect the confidentiality or availability of the application.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70