CVE-2025-42961

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application server for ABAP (affected versions not specified)

Description: The issue is caused by a missing authorization check, allowing an authenticated user with high privileges to exploit insufficient validation of user permissions and access sensitive database tables. This is made possible by overly permissive access configurations, resulting in unauthorized reading of critical data and a significant impact on the confidentiality of the information stored. The integrity and availability of the system remain unaffected.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.