Primary

Context

SAP ABAP Reports Input Validation Vulnerability Allowing Arbitrary Database Table Deletion

Vulnerability

A vulnerability exists in SAP ABAP reports due to inadequate input validation. An attacker with high privilege access could delete the contents of arbitrary database tables, provided those tables are not safeguarded by an authorization group. This flaw significantly undermines the integrity and availability of the database, although it does not affect confidentiality.

Impact

Exploitation of this vulnerability could result in the unauthorized deletion of database table contents, causing a high impact on database integrity and availability.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP Security Patch Day, which occurs on the second Tuesday of each month. For more information, consult the SAP Security Notes FAQ.

Added: Sep 9, 2025, 2:33 AM

Updated: Sep 9, 2025, 2:33 AM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

5.0

exploitability

4.4

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

5.0

exploitability

4.4

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP ABAP Reports Input Validation Vulnerability Allowing Arbitrary Database Table Deletion

Vulnerability

Impact

Remediation

Affected Products

SAP ABAP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating