← back
CVE-2025-0066

Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)

CVSS 9.9 CRITICALEPSS 0.6%CWE-732
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
SAP_SE · SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://me.sap.com/notes/3550708https://url.sap/sapsecuritypatchday