CVE-2025-24872
published 2025-02-11CVE-2025-24872: The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain unauthorized access to a specific transaction. By executing the add-on build functionality within the ABAP Build Framework, an attacker could call the transaction and view its details. This has a limited impact on the confidentiality of the application with no effect on the integrity and availability of the application.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |
| sap_se | sap_abap_platform | — | — |