CVE-2025-43011Missing Authorization in SE SAP Landscape Transformation

CWE-862Missing Authorization3 documents3 sources
Severity
7.7HIGHNVD
EPSS
0.2%
top 59.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP SE SAP Landscape Transformation
Timeline
PublishedMay 13

Description

Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 3.1 | Impact: 4.0

Affected Packages1 packages

CVEListV5sap_se/sap_landscape_transformation13 versions+12

🔴Vulnerability Details

2
CVEList
Missing Authorization Check in SAP Landscape Transformation (PCL Basis)2025-05-13
GHSA
GHSA-fxhc-gwf9-69jh: Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated2025-05-13
CVE-2025-43011 — Missing Authorization | cvebase