{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T07:24:06.125","vulnerabilities":[{"cve":{"id":"CVE-2025-42981","sourceIdentifier":"cna@sap.com","published":"2025-07-08T01:15:25.427","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting them to a site controlled by the attacker. This allows the attacker to access and/or modify restricted information related to the web client. While the vulnerability poses no impact on data availability, it presents a considerable risk to confidentiality and integrity."},{"lang":"es","value":"Debido a una vulnerabilidad de redirección abierta en SAP NetWeaver Application Server ABAP, un atacante no autenticado podría manipular un enlace URL que incruste un script malicioso en una ubicación no depura correctamente. Cuando una víctima hace clic en este enlace, el script se ejecuta en su navegador, redirigiéndola a un sitio web controlado por el atacante. Esto le permite acceder o modificar información restringida del cliente web. Si bien la vulnerabilidad no afecta la disponibilidad de los datos, sí representa un riesgo considerable para la confidencialidad e integridad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"references":[{"url":"https://me.sap.com/notes/3617131","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}