Volerion logoVolerion
Volerion logoVolerion

SAP NetWeaver Application Server for ABAP Missing Authorization Check Vulnerability Allowing Unauthorized Database Access

Vulnerability

A vulnerability exists in SAP NetWeaver Application Server for ABAP due to a missing authorization check. This flaw allows authenticated attackers to execute specific ABAP function modules and access sensitive information from the database catalog of the ABAP system. The vulnerability has a low impact on the application's confidentiality, with no effect on integrity or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive database information, although it is assessed to have a low impact on confidentiality.

Remediation

Users are advised to consult the SAP Security Notes for guidance on applying necessary patches. SAP Security Notes can be accessed through the SAP for Me platform, specifically on SAP Security Patch Days, which occur on the second Tuesday of each month.

Added: Mar 10, 2026, 5:44 PM
Updated: Mar 10, 2026, 5:44 PM

Vulnerability Rating

Custom Algorithm
spread
6.2
impact
0.6
exploitability
5.2
remediation
0.0
relevance
3.7
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.