CVE-2025-42983 | THREATINT

Description

SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to drop arbitrary SAP database tables, potentially resulting in a loss of data or rendering the system unusable. On successful exploitation, an attacker can completely delete database entries but is not able to read any data.

PUBLISHED Reserved 2025-04-16 | Published 2025-06-10 | Updated 2025-06-10 | Assigner sap

HIGH: 8.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

Problem types

CWE-862: Missing Authorization

Product status

Default status

unaffected

PI_BASIS 2006_1_700

affected

701

affected

702

affected

731

affected

740

affected

SAP_BW 750

affected

751

affected

752

affected

753

affected

754

affected

755

affected

756

affected

757

affected

758

affected

914

affected

915

affected

References

me.sap.com/notes/3606484

url.sap/sapsecuritypatchday

cve.org (CVE-2025-42983)

nvd.nist.gov (CVE-2025-42983)

Download JSON