Primary

Context

SAP NetWeaver Application Server for ABAP Background Processing Profile Parameter Exposure Vulnerability

Vulnerability

A vulnerability exists in SAP NetWeaver Application Server for ABAP, allowing authenticated users with access to background processing to unauthorizedly read profile parameters. This vulnerability impacts confidentiality, with no effect on integrity or availability.

Impact

Exploitation of this vulnerability leads to unauthorized read access of profile parameters, causing a low confidentiality impact.

Remediation

Users are advised to review and implement the SAP Security Note related to this vulnerability, available through the SAP for Me platform. This vulnerability will also be addressed in the next SAP Security Patch Day.

Added: Sep 9, 2025, 2:31 AM

Updated: Sep 9, 2025, 2:31 AM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP NetWeaver Application Server for ABAP Background Processing Profile Parameter Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SAP NetWeaver Application Server for ABAP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating