Volerion logoVolerion
Volerion logoVolerion

SAP NetWeaver AS Java OpenSSL Vulnerability Allowing Unauthorized Access and Modification of System Information

Vulnerability

A vulnerability exists in the SAP NetWeaver AS Java application that utilizes Adobe Document Service, due to an outdated version of OpenSSL. This vulnerability allows users with high system privileges to exploit known issues in the old OpenSSL library, potentially leading to unauthorized access and modification of system information. While the vulnerability has a low impact on confidentiality and integrity, it does not affect availability.

Impact

Exploitation of this vulnerability could result in unauthorized access to and modification of system information.

Remediation

Users are advised to review and implement the latest SAP Security Notes. Security fixes for SAP NetWeaver based products are delivered with the support packages. For information on the latest SAP Security Patch Day, refer to the SAP Security Patch Day Bulletin Archive.

Added: Sep 9, 2025, 2:24 AM
Updated: Sep 9, 2025, 2:24 AM

Vulnerability Rating

Custom Algorithm
spread
5.7
impact
3.1
exploitability
4.4
remediation
0.0
relevance
0.5
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.