- Description
- A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further authorization and with no effect on availability.
- Source
- cna@sap.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- cna@sap.com
- CWE-862
- Hype score
- Not currently trending
🚨 CVE-2025-27437 🟠 MEDIUM (4.3) 🏢 SAP_SE - SAP NetWeaver Application Server ABAP (Virus Scan Interface) 🏗️ SAP_BASIS 700 🔗 https://t.co/ifXLj4Y4kS 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert #InfoSec https://t.co/X5ynPLOnaY
@cybercronai
9 Apr 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27437 A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated… https://t.co/yb0fiSCv8P
@CVEnew
8 Apr 2025
162 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes