Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-0058

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable.

Published

2025-01-14T01:15:16.040

Last Modified

2025-10-24T19:22:46.037

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-639

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sap	sap_basis	753	Yes
Application	sap	sap_basis	754	Yes
Application	sap	sap_basis	755	Yes
Application	sap	sap_basis	756	Yes
Application	sap	sap_basis	757	Yes
Application	sap	sap_basis	758	Yes
Application	sap	sap_basis	912	Yes
Application	sap	sap_basis	913	Yes
Application	sap	sap_basis	914	Yes

References

https://me.sap.com/notes/3542698 Permissions Required ([email protected])
https://url.sap/sapsecuritypatchday Patch ([email protected])