Home

Description

Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality, integrity and the availability of the application.

PUBLISHED Reserved 2025-03-13 | Published 2025-04-08 | Updated 2025-04-08 | Assigner sap




MEDIUM: 4.1CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

Problem types

CWE-787: Out-of-bounds Write

Product status

Default status
unaffected

KRNL64UC 7.53
affected

KERNEL 7.53
affected

7.54
affected

References

me.sap.com/notes/3565944

url.sap/sapsecuritypatchday

cve.org (CVE-2025-30015)

nvd.nist.gov (CVE-2025-30015)

Download JSON