1. Home
  2. CVE Database
  3. CVE-2025-42947
MEDIUM · 5.5

CVE-2025-42947

SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the app...

Vulnerability Description

SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the application causing high impact on integrity, low impact on availability and no impact on confidentiality of the application.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
LOW

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2025-42947?

CVE-2025-42947 is a vulnerability with a CVSS score of 5.5 (MEDIUM). SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the app...

How severe is CVE-2025-42947?

CVE-2025-42947 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-42947?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.