CVE-2025-23190
Missing Authorization check in SAP NetWeaver and ABAP platform (ST-PI)
Due to missing authorization check, an authenticated attacker could call a remote-enabled function module which allows them to access data that they would otherwise not have access to. The attacker cannot modify data or impact the availability of the system.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected products
SAP_SE · SAP NetWeaver and ABAP platform (ST-PI)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →