{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T13:03:06.637","vulnerabilities":[{"cve":{"id":"CVE-2025-42986","sourceIdentifier":"cna@sap.com","published":"2025-07-08T01:15:25.730","lastModified":"2025-10-27T16:55:48.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call (RFC), potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on integrity or availability of the application."},{"lang":"es","value":"Debido a la falta de una verificación de autorización en un módulo de función obsoleto habilitado para RFC en SAP BASIS, un atacante autenticado con pocos privilegios podría ejecutar una Llamada a Función Remota (RFC), lo que podría permitir el acceso a información restringida del sistema. Esto genera un impacto mínimo en la confidencialidad, sin afectar la integridad ni la disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:700:*:*:*:*:*:*:*","matchCriteriaId":"85616273-040E-49CB-8EB6-D2D4D7B603E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:701:*:*:*:*:*:*:*","matchCriteriaId":"C5F2C3A9-DCC0-4FF1-8E68-9EA150E209F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:702:*:*:*:*:*:*:*","matchCriteriaId":"6F774A45-2A9F-4873-A5DC-766D030C8CCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:731:*:*:*:*:*:*:*","matchCriteriaId":"D3A0A2D6-9259-4A35-A236-F4BEE986C1FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:740:*:*:*:*:*:*:*","matchCriteriaId":"49C3A8E5-FA6A-4EF3-BF50-FD4E1576024F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:750:*:*:*:*:*:*:*","matchCriteriaId":"ABA8AB4E-3FE6-46A8-847E-660C5DF6CE71"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:751:*:*:*:*:*:*:*","matchCriteriaId":"6DA4A6F0-C0F1-42CB-8BBD-7198064733EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:752:*:*:*:*:*:*:*","matchCriteriaId":"8C121CC9-26F6-4103-8EB0-BAFF6B5B5FE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:753:*:*:*:*:*:*:*","matchCriteriaId":"86086D00-10BF-4C55-8D87-82CCBE468153"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:sap_basis:754:*:*:*:*:*:*:*","matchCriteriaId":"2F25246A-D9E5-4F0D-B91A-478D4E5570DB"}]}]}],"references":[{"url":"https:\/\/me.sap.com\/notes\/3626440","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https:\/\/url.sap\/sapsecuritypatchday","source":"cna@sap.com","tags":["Patch"]}]}}]}