1. Home
  2. CVE Database
  3. CVE-2025-42953
HIGH · 8.1

CVE-2025-42953

SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and ...

Vulnerability Description

SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Related Weaknesses (CWE)

CWE-862

References

FAQ

What is CVE-2025-42953?

CVE-2025-42953 is a vulnerability with a CVSS score of 8.1 (HIGH). SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and ...

How severe is CVE-2025-42953?

CVE-2025-42953 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-42953?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.