9.6
CVE-2026-0509
- EPSS 0.02%
- Veröffentlicht 10.02.2026 03:01:52
- Zuletzt bearbeitet 17.02.2026 16:04:59
- Quelle cna@sap.com
- CVE-Watchlists
- Unerledigt
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the confidentiality of the application.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
SAP ≫ Netweaver As Abap Kernel Version7.22
SAP ≫ Netweaver As Abap Kernel Version7.53
SAP ≫ Netweaver As Abap Kernel Version7.54
SAP ≫ Netweaver As Abap Kernel Version7.77
SAP ≫ Netweaver As Abap Kernel Version7.89
SAP ≫ Netweaver As Abap Kernel Version7.93
SAP ≫ Netweaver As Abap Kernel Version9.16
SAP ≫ Netweaver As Abap Kernel Version9.18
SAP ≫ Netweaver As Abap Kernel Version9.19
SAP ≫ Netweaver As Abap Krnl64nuc Version7.22
SAP ≫ Netweaver As Abap Krnl64nuc Version7.22ext
SAP ≫ Netweaver As Abap Krnl64uc Version7.22
SAP ≫ Netweaver As Abap Krnl64uc Version7.22ext
SAP ≫ Netweaver As Abap Krnl64uc Version7.53
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.036 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@sap.com | 9.6 | 3.1 | 5.8 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.