Vulnerabilities > CVE-2025-30015

CVSS 4.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

high complexity

CWE-787

NVD

Published: 2025-04-08

Updated: 2025-04-08

Summary

Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality, integrity and the availability of the application.

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://me.sap.com/notes/3565944
https://url.sap/sapsecuritypatchday

Vulnerabilities > CVE-2025-30015 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-30015"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-30015