CVE-2025-0053: SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL…

medium5.3CVSS 3.1

AVNACLPRNUINSUCLINAN

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could retrieve details such as system configuration. This has a limited impact on the confidentiality of the application and may be leveraged to facilitate further attacks or exploits.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap	sap_basis	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—
sap_se	sap_netweaver_application_server_for_abap_and_abap_platform	—	—