CVE-2025-42935

Medium CVSS 4.1

Overview

The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the application, with no impact on integrity or availability.

CWE: CWE-532 Published: 2025-08-12T03:15:26.303

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.1 (MEDIUM)
Detected tags: info_leak (tag impact: LOW)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Overview

Recommended tools

Tags