安全研究
安全漏洞
SAP NetWeaver Application server for ABAP授权错误漏洞(CVE-2025-42961)
发布日期:2025-07-07
更新日期:2025-08-25
受影响系统:SAP NetWeaver Application Server for ABAP 816
SAP NetWeaver Application Server for ABAP 758
SAP NetWeaver Application Server for ABAP 757
SAP NetWeaver Application Server for ABAP 756
SAP NetWeaver Application Server for ABAP 755
SAP NetWeaver Application Server for ABAP 754
SAP NetWeaver Application Server for ABAP 753
SAP NetWeaver Application Server for ABAP 752
SAP NetWeaver Application Server for ABAP 751
SAP NetWeaver Application Server for ABAP 750
SAP NetWeaver Application Server for ABAP 740
SAP NetWeaver Application Server for ABAP 731
SAP NetWeaver Application Server for ABAP 702
SAP NetWeaver Application Server for ABAP 701
SAP NetWeaver Application Server for ABAP 700
描述:
CVE(CAN) ID:
CVE-2025-42961
SAP NetWeaver Application Server for ABAP是德国思爱普(SAP)公司的一个运行和开发基于ABAP语言的应用程序的平台。
SAP NetWeaver Application Server for ABAP多个版本存在授权错误漏洞,该漏洞源于缺少授权检查,高权限攻击者可利用该漏洞访问敏感数据库表,影响数据机密性。
<**>
建议:
厂商补丁:
SAP
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html浏览次数:26
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
