- Description
- Due to directory traversal vulnerability, an authorized attacker could gain access to some critical information by using RFC enabled function module. Upon successful exploitation, they could read files from any managed system connected to SAP Solution Manager, leading to high impact on confidentiality. There is no impact on integrity or availability.
- Source
- cna@sap.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.7
- Impact score
- 4
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- cna@sap.com
- CWE-862
- Hype score
- Not currently trending
🚨 CVE-2025-27428 🔴 HIGH (7.7) 🏢 SAP_SE - SAP NetWeaver and ABAP Platform (Service Data Collection) 🏗️ ST-PI 2008_1_700 🔗 https://t.co/X3DJdTKxJP 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert #InfoSec https://t.co/aue36dhH1C
@cybercronai
8 Apr 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-27428 - SAP Solution Manager - HIGH 🚨 🗓️ Date published 2025-04-08 08:15:16 UTC #SAPSolutionManager #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/eD4I8Vg5ms
@vulns_space
8 Apr 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes