Primary

Context

SAP Application Server ABAP Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing information disclosure has been identified in SAP Application Server ABAP. This issue arises from an authenticated attacker being able to read unmasked values presented in ABAP Lists. Exploitation of this vulnerability could lead to unauthorized data disclosure, significantly impacting confidentiality.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive data, with a high impact on confidentiality.

Remediation

Users are advised to consult the SAP Security Notes for guidance on applying necessary patches. SAP Security Patch Day occurs on the second Tuesday of each month, where security updates are released. For more information, visit the SAP Security Patch Day page on SAP for Me.

Added: Dec 9, 2025, 7:22 PM

Updated: Dec 9, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.9

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.9

remediation

7.9

relevance

1.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Application Server ABAP Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SAP Application Server ABAP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating