How severe is CVE-2025-42904?

CVE-2025-42904 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-42904

6.5MEDIUM

Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthori

Published: 12/9/2025Updated: 12/9/2025

Description

Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without affecting integrity or availability.

AI AnalysisPowered by AI

References

https://me.sap.com/notes/3662324
https://url.sap/sapsecuritypatchday