{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T00:12:32.162","vulnerabilities":[{"cve":{"id":"CVE-2025-42976","sourceIdentifier":"cna@sap.com","published":"2025-08-12T03:15:28.603","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can make the target completely unavailable. A similarly crafted submission can be used to perform an out-of-bounds read operation as well, revealing sensitive information that is loaded in memory at that time. There is no ability to modify any information."},{"lang":"es","value":"SAP NetWeaver Application Server ABAP (Documento BIC) permite a un atacante autenticado manipular una solicitud que, al enviarse a una aplicación de Documento BIC, podría causar un error de corrupción de memoria. Si se explota con éxito, esto provoca el bloqueo del componente objetivo. Múltiples envíos pueden dejar el objetivo completamente indisponible. Un envío similar puede utilizarse para realizar una operación de lectura fuera de los límites, revelando información confidencial cargada en memoria en ese momento. No es posible modificar la información."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://me.sap.com/notes/3611184","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}