Primary

Context

SAP Cloud Connector Missing Authorization Check Vulnerability Allowing Performance Impact

Vulnerability

A vulnerability exists in SAP Cloud Connector due to a missing authorization check. An attacker on an adjacent network with low privileges could send a crafted request to the endpoint that tests LDAP connections. Exploitation of this vulnerability could lead to a decrease in service performance, causing a low impact on availability. The vulnerability does not affect the confidentiality or integrity of data.

Impact

Exploitation of this vulnerability could result in a low impact on the availability of the service, causing reduced performance.

Remediation

Users are advised to review and implement the SAP Security Note related to this vulnerability, available through the SAP for Me platform. This vulnerability will also be addressed in the upcoming SAP Security Patch Day.

Added: Aug 12, 2025, 3:36 AM

Updated: Aug 12, 2025, 3:36 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

3.5

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

0.6

exploitability

3.5

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Cloud Connector Missing Authorization Check Vulnerability Allowing Performance Impact

Vulnerability

Impact

Remediation

Affected Products

SAP Cloud Connector

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating