1. Home
  2. CVE Database
  3. CVE-2025-0059
MEDIUM · 6.0

CVE-2025-0059

Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or access...

Vulnerability Description

Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or access to the victim�s user directory on the Operating System level would be able to read this data. Depending on the user input provided in transactions, the disclosed data could range from non-critical data to highly sensitive data, causing high impact on confidentiality of the application.

CVSS Score

6.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Related Weaknesses (CWE)

CWE-497

References

FAQ

What is CVE-2025-0059?

CVE-2025-0059 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or access...

How severe is CVE-2025-0059?

CVE-2025-0059 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-0059?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.