CVE-2025-43000 | THREATINT

Description

Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-13 | Updated 2025-05-13 | Assigner sap

HIGH: 7.9CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

Problem types

CWE-862: Missing Authorization

Product status

Default status

unaffected

ENTERPRISE 430

affected

2025

affected

2027

affected

References

me.sap.com/notes/3586013

url.sap/sapsecuritypatchday

cve.org (CVE-2025-43000)

nvd.nist.gov (CVE-2025-43000)

Download JSON