Primary

Context

SAP Business Workflow and Flexible Workflow Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in SAP Business Workflow and SAP Flexible Workflow, allowing authenticated attackers to manipulate parameters in legitimate resource requests. This manipulation can lead to unauthorized access to sensitive information that is normally restricted. However, the attackers cannot modify or disrupt the availability of the information.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, where all Security Notes are available. For details on the next SAP Security Patch Day, refer to the SAP Security Patch Day Bulletin Archive.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Business Workflow and Flexible Workflow Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating