CVE-2025-42909 · CVEKit

cve.orgen

307 chars

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not impacted.

NVDen

307 chars

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not impacted.

CVSS metrics across sources

2

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	3.0	—	—	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N
3.1	Secondary	NVD	3.0	1.3	1.4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N