Unrated severityNVD Advisory· Published Jul 8, 2025· Updated Jul 8, 2025
Missing Authorization check in SAP NetWeaver and ABAP Platform
CVE-2025-42986
Description
Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call (RFC), potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on integrity or availability of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: SAP_BASIS 700
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.