9.8
CVE-2025-30016
- EPSS 0.48%
- Veröffentlicht 08.04.2025 07:14:51
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
Authentication Bypass Vulnerability in SAP Financial Consolidation
SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSAP_SE
≫
Produkt
SAP Financial Consolidation
Default Statusunaffected
Version
FINANCE 1010
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.647 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-921 Storage of Sensitive Data in a Mechanism without Access Control
The product stores sensitive information in a file system or device that does not have built-in access control.