{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T13:59:38.800","vulnerabilities":[{"cve":{"id":"CVE-2025-25244","sourceIdentifier":"cna@sap.com","published":"2025-03-11T01:15:34.927","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SAP Business Warehouse (Process Chains) allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data loading, activation, or deletion, will not be executed as initially modeled. This could lead to unexpected results in business reporting leading to a significant impact on integrity. However, there is no impact on confidentiality or availability."},{"lang":"es","value":"SAP Business Warehouse (Cadenas de procesos) permite a un atacante manipular la ejecución del proceso debido a la falta de verificación de autorización. Un atacante con autorización de visualización para el objeto de cadena de procesos podría configurar uno o todos los procesos para que se omitan. Esto significa que las actividades correspondientes, como la carga, activación o eliminación de datos, no se ejecutarán como se modeló inicialmente. Esto podría generar resultados inesperados en los informes comerciales que generen un impacto significativo en la integridad. Sin embargo, no hay impacto en la confidencialidad o disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":3.6}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://me.sap.com/notes/3552144","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}