Detections
Analytics

CVE-2025-42954

low

Description

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application, there is no impact on confidentiality and integrity.

References

https://url.sap/sapsecuritypatchday

https://me.sap.com/notes/3608156

Details

Source: Mitre, NVD

Published: 2025-07-08

Updated: 2025-07-08

Risk Information

CVSS v2

Base Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 2.7

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Severity: Low

EPSS

EPSS: 0.00036