CVE-2025-42930
published 2025-09-09CVE-2025-42930: SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there is no impact on confidentiality or integrity.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |
| sap_se | sap_business_planning_and_consolidation | — | — |