CVE-2025-30016

Published Apr 8, 2025

Last updated 3 months ago

Overview

Description
SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application.
Source
cna@sap.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

cna@sap.com
CWE-921

Social media

Hype score
Not currently trending
  1. This week's major security updates: Fortinet patched a critical FortiSwitch flaw (CVE-2024-48887, 9.8 CVSS), WhatsApp fixed a malware trick (CVE-2025-30401), SAP addressed code injection (CVE-2025-27429, CVE-2025-31330) & auth bypass (CVE-2025-30016).

    @CyberWatch_News

    10 Apr 2025


  2. 🚨 CVE-2025-30016 ⚠️🔴 CRITICAL (9.8) 🏢 SAP_SE - SAP Financial Consolidation 🏗️ FINANCE 1010 🔗 https://t.co/pvk5BgL0mm 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert #InfoSec https://t.co/ePMYB8rzda

    @cybercronai

    8 Apr 2025


  3. SAP Security Patch Day ・SAP S/4HANA code injection vulnerability (CVSS score 9.9) CVE-2025-27429 ・Authentication bypass in SAP Financial Consolidation (CVSS 9.8) CVE-2025-30016 Get the updates here 👉 https://t.co/mzKwolYQQr

    @t_nihonmatsu

    8 Apr 2025


  4. CVE-2025-30016 - SAP Financial Consolidation - HIGH 🚨 🗓️ Date published 2025-04-08 08:15:17 UTC #SAPFinancialConsolidation #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/P273m6UzOb

    @vulns_space

    8 Apr 2025


  5. CVE-2025-30016 SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authenticati… https://t.co/1SvbFUf7JW

    @CVEnew

    8 Apr 2025


References

Sources include official advisories and independent security research.