Unrated severityNVD Advisory· Published Mar 14, 2023· Updated Feb 27, 2025

SQL Injection vulnerability in SAP ABAP Platform

CVE-2023-25615

Description

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead to a high impact on the confidentiality and no impact on the availability and integrity of the application.

Affected products

SAP/ABAPllm-create
Range: 751, 753, 753, 754, 756, 757, 791
SAP/ABAP Platformcpe-rescue
Range: 751

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

launchpad.support.sap.commitre
www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000