cvelistv5 - cve-2025-31331

CVE-2025-31331 (GCVE-0-2025-31331)

Vulnerability from cvelistv5

Published

2025-04-08 07:15

Modified

2025-04-08 13:15

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.

References

URL

Tags

	https://me.sap.com/notes/3577131
	https://url.sap/sapsecuritypatchday

Impacted products

	Vendor	Product	Version
	SAP_SE	SAP NetWeaver	Version: SAP_ABA 700 Version: 701 Version: 702 Version: 731 Version: 740 Version: 750 Version: 751 Version: 752 Version: 75C Version: 75D Version: 75E Version: 75F Version: 75G Version: 75H Version: 75I

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-31331",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T13:15:47.307694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-08T13:15:55.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP NetWeaver",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "SAP_ABA 700"
            },
            {
              "status": "affected",
              "version": "701"
            },
            {
              "status": "affected",
              "version": "702"
            },
            {
              "status": "affected",
              "version": "731"
            },
            {
              "status": "affected",
              "version": "740"
            },
            {
              "status": "affected",
              "version": "750"
            },
            {
              "status": "affected",
              "version": "751"
            },
            {
              "status": "affected",
              "version": "752"
            },
            {
              "status": "affected",
              "version": "75C"
            },
            {
              "status": "affected",
              "version": "75D"
            },
            {
              "status": "affected",
              "version": "75E"
            },
            {
              "status": "affected",
              "version": "75F"
            },
            {
              "status": "affected",
              "version": "75G"
            },
            {
              "status": "affected",
              "version": "75H"
            },
            {
              "status": "affected",
              "version": "75I"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.\u003c/p\u003e"
            }
          ],
          "value": "SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-08T07:15:23.750Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/3577131"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Authorization Bypass vulnerability in SAP NetWeaver",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2025-31331",
    "datePublished": "2025-04-08T07:15:23.750Z",
    "dateReserved": "2025-03-27T23:02:06.907Z",
    "dateUpdated": "2025-04-08T13:15:55.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-31331\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-08T13:15:47.307694Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-08T13:15:50.951Z\"}}], \"cna\": {\"title\": \"Authorization Bypass vulnerability in SAP NetWeaver\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SAP_SE\", \"product\": \"SAP NetWeaver\", \"versions\": [{\"status\": \"affected\", \"version\": \"SAP_ABA 700\"}, {\"status\": \"affected\", \"version\": \"701\"}, {\"status\": \"affected\", \"version\": \"702\"}, {\"status\": \"affected\", \"version\": \"731\"}, {\"status\": \"affected\", \"version\": \"740\"}, {\"status\": \"affected\", \"version\": \"750\"}, {\"status\": \"affected\", \"version\": \"751\"}, {\"status\": \"affected\", \"version\": \"752\"}, {\"status\": \"affected\", \"version\": \"75C\"}, {\"status\": \"affected\", \"version\": \"75D\"}, {\"status\": \"affected\", \"version\": \"75E\"}, {\"status\": \"affected\", \"version\": \"75F\"}, {\"status\": \"affected\", \"version\": \"75G\"}, {\"status\": \"affected\", \"version\": \"75H\"}, {\"status\": \"affected\", \"version\": \"75I\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://me.sap.com/notes/3577131\"}, {\"url\": \"https://url.sap/sapsecuritypatchday\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2025-04-08T07:15:23.750Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-31331\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-08T13:15:55.752Z\", \"dateReserved\": \"2025-03-27T23:02:06.907Z\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"datePublished\": \"2025-04-08T07:15:23.750Z\", \"assignerShortName\": \"sap\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2025-AVI-0285

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que la vulnérabilité CVE-2025-31324 est activement exploitée.

Impacted products

Vendor	Product	Description
SAP	S/4HANA (Private Cloud)	S/4HANA (Learning Solution) versions S4HCMGXX 100 et 101 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server pour ABAP	NetWeaver Application Server ABAP (applications based on GUI for HTML) versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93 et 9.14 sans le dernier correctif de sécurité
SAP	SAP BusinessObjects Business Intelligence	BusinessObjects Business Intelligence platform (Central Management Console) versions ENTERPRISE 430 et 2025 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server pour ABAP	NetWeaver Application Server ABAP (Virus Scan Interface) versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de sécurité
SAP	NetWeaver et ABAP	NetWeaver et ABAP Platform (Service Data Collection) versions ST-PI 2008_1_700, 2008_1_710 et 740 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server pour ABAP	NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité
SAP	S4CORE entity	S4CORE entity versions S4CORE 107 et 108 sans le dernier correctif de sécurité
SAP	Commerce Cloud	Commerce Cloud versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de sécurité
SAP	ERP BW Business Content	ERP BW Business Content versions BI_CONT 707, 737, 747 et 757 sans le dernier correctif de sécurité
SAP	Commerce Cloud	Commerce Cloud (Public Cloud) version COM_CLOUD 2211 sans le dernier correctif de sécurité
SAP	N/A	Field Logistics versions S4CORE 107 et 108 sans le dernier correctif
SAP	NetWeaver Application Server pour ABAP	NetWeaver Application Server ABAP versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89 et 7.93 sans le dernier correctif de sécurité
SAP	NetWeaver et ABAP	NetWeaver (Visual Composer development server) versions VCFRAMEWORK 7.50 sans le dernier correctif de sécurité
SAP	NetWeaver et ABAP	NetWeaver et ABAP Platform (Application Server ABAP) versions KRNL64UC 7.53, KERNEL 7.53 et 7.54 sans le dernier correctif de sécurité
SAP	Solution Manager	Solution Manager versions ST 720, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 914 sans le dernier correctif de sécurité
SAP	Capital Yield Tax Management	Capital Yield Tax Management versions CYTERP 420_700, CYT 800, IBS 7.0 et CYT4HANA 100 sans le dernier correctif de sécurité
SAP	SAP BusinessObjects Business Intelligence	BusinessObjects Business Intelligence Platform version ENTERPRISE 430 sans le dernier correctif de sécurité
SAP	S/4HANA (Private Cloud)	S/4HANA (Private Cloud) versions S4CORE 102, 103, 104, 105, 106, 107 et 108 sans le dernier correctif de sécurité
SAP	CRM	CRM et S/4HANA (Interaction Center) versions S4CRM 100, 200, 204, 205, 206, S4FND 102, 103, 104, 105, 106, 107, 108, S4CEXT 107, 108, BBPCRM 701, 702, 712, 713, 714, WEBCUIF 701, 731, 746, 747, 748, 800 et 801 sans le dernier correctif de sécurité
SAP	KMC WPC	KMC WPC version KMC-WPC 7.50 sans le dernier correctif de sécurité
SAP	Landscape Transformation	Landscape Transformation (Analysis Platform) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730 et 2011_1_731 sans le dernier correctif de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité SAP april-2025	2025-04-08	vendor-advisory
FAQ sur l'exploitation de la vulnérabilité CVE-2025-31324	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "S/4HANA (Learning Solution) versions S4HCMGXX 100 et 101 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "S/4HANA (Private Cloud)",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP (applications based on GUI for HTML) versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93 et 9.14 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BusinessObjects Business Intelligence platform (Central Management Console) versions ENTERPRISE 430 et 2025 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP (Virus Scan Interface) versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757 et SAP_BASIS 758 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver et ABAP Platform (Service Data Collection) versions ST-PI 2008_1_700, 2008_1_710 et 740 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver et ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S4CORE entity versions S4CORE 107 et 108 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "S4CORE entity",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Commerce Cloud versions HY_COM 2205 et COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Commerce Cloud",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "ERP BW Business Content versions BI_CONT 707, 737, 747 et 757 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "ERP BW Business Content",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Commerce Cloud (Public Cloud) version COM_CLOUD 2211 sans le dernier correctif de s\u00e9curit\u00e9\n",
      "product": {
        "name": "Commerce Cloud",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Field Logistics versions S4CORE 107 et 108 sans le dernier correctif",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89 et 7.93 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver (Visual Composer development server) versions VCFRAMEWORK 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver et ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver et ABAP Platform (Application Server ABAP) versions KRNL64UC 7.53, KERNEL 7.53 et 7.54 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver et ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Solution Manager versions ST 720, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 914 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Solution Manager",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Capital Yield Tax Management versions CYTERP 420_700, CYT 800, IBS 7.0 et CYT4HANA 100 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Capital Yield Tax Management",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BusinessObjects Business Intelligence Platform version ENTERPRISE 430 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA (Private Cloud) versions S4CORE 102, 103, 104, 105, 106, 107 et 108 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "S/4HANA (Private Cloud)",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "CRM et S/4HANA (Interaction Center) versions S4CRM 100, 200, 204, 205, 206, S4FND 102, 103, 104, 105, 106, 107, 108, S4CEXT 107, 108, BBPCRM 701, 702, 712, 713, 714, WEBCUIF 701, 731, 746, 747, 748, 800 et 801 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "CRM",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "KMC WPC version KMC-WPC 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "KMC WPC",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Landscape Transformation (Analysis Platform) versions DMIS 2011_1_700, 2011_1_710, 2011_1_730 et 2011_1_731 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Landscape Transformation",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que la vuln\u00e9rabilit\u00e9 CVE-2025-31324 est activement exploit\u00e9e.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-30015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30015"
    },
    {
      "name": "CVE-2025-31333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31333"
    },
    {
      "name": "CVE-2025-27429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27429"
    },
    {
      "name": "CVE-2025-27428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27428"
    },
    {
      "name": "CVE-2025-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0064"
    },
    {
      "name": "CVE-2025-23186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23186"
    },
    {
      "name": "CVE-2025-27435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27435"
    },
    {
      "name": "CVE-2025-26654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26654"
    },
    {
      "name": "CVE-2025-26653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26653"
    },
    {
      "name": "CVE-2025-31324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31324"
    },
    {
      "name": "CVE-2025-30014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30014"
    },
    {
      "name": "CVE-2024-56337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
    },
    {
      "name": "CVE-2025-27437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27437"
    },
    {
      "name": "CVE-2025-30016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30016"
    },
    {
      "name": "CVE-2025-31332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31332"
    },
    {
      "name": "CVE-2025-26657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26657"
    },
    {
      "name": "CVE-2025-31328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31328"
    },
    {
      "name": "CVE-2025-30013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30013"
    },
    {
      "name": "CVE-2025-30017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30017"
    },
    {
      "name": "CVE-2025-27430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27430"
    },
    {
      "name": "CVE-2025-31331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31331"
    },
    {
      "name": "CVE-2025-31330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31330"
    },
    {
      "name": "CVE-2025-31327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31327"
    }
  ],
  "initial_release_date": "2025-04-08T00:00:00",
  "last_revision_date": "2025-04-25T00:00:00",
  "links": [
    {
      "title": "FAQ sur l\u0027exploitation de la vuln\u00e9rabilit\u00e9 CVE-2025-31324",
      "url": "https://me.sap.com/notes/3596125"
    }
  ],
  "reference": "CERTFR-2025-AVI-0285",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-08T00:00:00.000000"
    },
    {
      "description": "Ajout des vuln\u00e9rabilit\u00e9s CVE-2025-31324, CVE-2025-31328 et CVE-2025-31327",
      "revision_date": "2025-04-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": "2025-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SAP april-2025",
      "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/april-2025.html"
    }
  ]
}

CERTFR-2025-AVI-0867

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SAP	SAP NetWeaver AS Java	NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de sécurité
SAP	Financial Service Claims Management	Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de sécurité
SAP	Print Service	Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de sécurité
SAP	Data Hub Integration Suite	Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de sécurité
SAP	BusinessObjects	BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server pour ABAP	Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de sécurité
SAP	NetWeaver	NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de sécurité
SAP	S/4HANA	S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de sécurité
SAP	Cloud Appliance Library Appliances	Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de sécurité
SAP	Commerce Cloud	Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server pour ABAP	Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server ABAP et ABAP Platform	NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de sécurité
SAP	Supplier Relationship Management	Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de sécurité
SAP	NetWeaver Application Server ABAP	NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité SAP october-2025

2025-10-14

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NetWeaver AS Java version SERVERCORE 7.50 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "SAP NetWeaver AS Java",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Financial Service Claims Management versions INSURANCE 803, 804, 805, 806, S4CEXT 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Financial Service Claims Management",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Print Service versions SAPSPRINT 8.00 et 8.10 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Print Service",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Data Hub Integration Suite version CX_DATAHUB_INT_PACK 2205 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Data Hub Integration Suite",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BusinessObjects versions ENTERPRISE 430, 2025 et 2027 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "BusinessObjects",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Application Server pour ABAP versions KRNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver versions SAP_ABA 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H et 75I sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA versions S4CORE 104, 105, 106, 107, 108 et 109 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "S/4HANA",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Appliance Library Appliances version TITANIUM_WEBAPP 4.0 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Cloud Appliance Library Appliances",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Commerce Cloud versions HY_COM 2205, COM_CLOUD 2211 et 2211-JDK21 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Commerce Cloud",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Application Server pour ABAP versions SAP_BASIS 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 758 et 816 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server pour ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP and ABAP Platform versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.14, 9.15 et 9.16 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server ABAP et ABAP Platform",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "Supplier Relationship Management versions SRMNXP01 100 et 150 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Supplier Relationship Management",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "NetWeaver Application Server ABAP versions RNL64UC 7.53, KERNEL 7.53, 7.54, 7.77, 7.89, 7.93, 9.12 et 9.14 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "NetWeaver Application Server ABAP",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-42944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42944"
    },
    {
      "name": "CVE-2025-42906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42906"
    },
    {
      "name": "CVE-2025-42902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42902"
    },
    {
      "name": "CVE-2025-42903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42903"
    },
    {
      "name": "CVE-2025-42910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42910"
    },
    {
      "name": "CVE-2025-42909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42909"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2025-42984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42984"
    },
    {
      "name": "CVE-2025-42908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42908"
    },
    {
      "name": "CVE-2025-42937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42937"
    },
    {
      "name": "CVE-2025-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0059"
    },
    {
      "name": "CVE-2025-48913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
    },
    {
      "name": "CVE-2025-42939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42939"
    },
    {
      "name": "CVE-2025-31672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
    },
    {
      "name": "CVE-2025-31331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31331"
    },
    {
      "name": "CVE-2025-42901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-42901"
    }
  ],
  "initial_release_date": "2025-10-14T00:00:00",
  "last_revision_date": "2025-10-14T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0867",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": "2025-10-14",
      "title": "Bulletin de s\u00e9curit\u00e9 SAP october-2025",
      "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-31331 (GCVE-0-2025-31331)

Vulnerability from cvelistv5

CERTFR-2025-AVI-0285

Vulnerability from certfr_avis

Solutions

CERTFR-2025-AVI-0867

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature