SAP Application Server ABAP
0 remedies
cpe:2.3:a:sap:netweaver_application_server_abap:*:*:*:*:*:*:*, +1 more
0 remedies
SAP Application Server ABAP Code Injection Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A code injection vulnerability has been identified in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform. This vulnerability allows authenticated attackers to send specially crafted inputs to the application. If these inputs are processed by the application, they could be delivered to users subscribed to the channel, resulting in execution of arbitrary code on behalf of those users. This exploitation would lead to a low integrity impact, with no effect on confidentiality or availability.
Impact
Exploitation of this vulnerability could allow an authenticated attacker to execute arbitrary code on behalf of other users.
Remediation
Users are advised to consult the SAP Security Notes for guidance on applying patches and addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform.
Added: May 12, 2026, 3:25 AM
Updated: May 12, 2026, 3:25 AM
Vulnerability Rating
Custom Algorithm
spread
5.7impact
0.6exploitability
4.5remediation
0.0relevance
8.1threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.