1. Home
  2. CVE Database
  3. CVE-2025-31331
MEDIUM · 4.3

CVE-2025-31331

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the at...

Vulnerability Description

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the attacker can run a specific transaction that exposes sensitive system code without proper authorization. This vulnerability compromises the confidentiality.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Related Weaknesses (CWE)

CWE-863

References

FAQ

What is CVE-2025-31331?

CVE-2025-31331 is a vulnerability with a CVSS score of 4.3 (MEDIUM). SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation. Once logged into the ABAP system, the at...

How severe is CVE-2025-31331?

CVE-2025-31331 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-31331?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.