CVE-2025-42927 | THREATINT

Description

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would allow user with high system privileges to access and modify system information.This vulnerability has a low impact on confidentiality and integrity, with no impact on availability.

PUBLISHED Reserved 2025-04-16 | Published 2025-09-09 | Updated 2025-09-09 | Assigner sap

LOW: 3.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Problem types

CWE-1395: Dependency on Vulnerable Third-Party Component

Product status

Default status

unaffected

ADSSAP 7.50

affected

References

me.sap.com/notes/3525295

url.sap/sapsecuritypatchday

cve.org (CVE-2025-42927)

nvd.nist.gov (CVE-2025-42927)

Download JSON