安全研究
安全漏洞
SAP NetWeaver Business Warehouse无限循环漏洞(CVE-2025-42954)
发布日期:2025-07-07
更新日期:2025-08-25
受影响系统:SAP NetWeaver Business Warehouse SAP_BW_VIRTUAL_COMP 701
SAP NetWeaver Business Warehouse SAP_BW 700
SAP NetWeaver Business Warehouse DW4CORE 100
SAP NetWeaver Business Warehouse 816
SAP NetWeaver Business Warehouse 758
SAP NetWeaver Business Warehouse 757
SAP NetWeaver Business Warehouse 756
SAP NetWeaver Business Warehouse 755
SAP NetWeaver Business Warehouse 754
SAP NetWeaver Business Warehouse 753
SAP NetWeaver Business Warehouse 752
SAP NetWeaver Business Warehouse 751
SAP NetWeaver Business Warehouse 750
SAP NetWeaver Business Warehouse 740
SAP NetWeaver Business Warehouse 731
SAP NetWeaver Business Warehouse 702
SAP NetWeaver Business Warehouse 701
SAP NetWeaver Business Warehouse 400
SAP NetWeaver Business Warehouse 300
SAP NetWeaver Business Warehouse 200
描述:
CVE(CAN) ID:
CVE-2025-42954
SAP NetWeaver Business Warehouse是德国思爱普(SAP)公司的一款数据仓库解决方案。
SAP NetWeaver Business Warehouse多个版本存在无限循环漏洞,攻击者可利用该漏洞执行无输入参数的RFC功能模块导致高CPU负载,影响性能或中断操作。
<**>
建议:
厂商补丁:
SAP
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html浏览次数:30
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
