{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T17:01:10.126","vulnerabilities":[{"cve":{"id":"CVE-2025-42959","sourceIdentifier":"cna@sap.com","published":"2025-07-08T01:15:22.477","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability."},{"lang":"es","value":"Un atacante no autenticado podría explotar una situación en la que una credencial de Código de Autenticación de Mensajes Hash (HMAC), extraída de un sistema sin parches de seguridad específicos, se reutiliza en un ataque de repetición contra otro sistema. Incluso si el sistema objetivo cuenta con todos los parches instalados, una explotación exitosa podría comprometer completamente el sistema, afectando la confidencialidad, la integridad y la disponibilidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-308"}]}],"references":[{"url":"https://me.sap.com/notes/3600846","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}