{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T15:01:14.904","vulnerabilities":[{"cve":{"id":"CVE-2026-27688","sourceIdentifier":"cna@sap.com","published":"2026-03-10T17:38:11.497","lastModified":"2026-06-03T18:58:26.897","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially escalate their privileges and read the sensitive data, resulting in a limited impact on the confidentiality of the information stored. However, the integrity and availability of the system are not affected."},{"lang":"es","value":"Debido a la ausencia de una verificación de autorización en SAP NetWeaver Servidor de aplicaciones para ABAP, un atacante autenticado con privilegios de usuario podría leer Archivos de registro del Analizador de base de datos a través de un módulo de función RFC específico. El atacante con los privilegios necesarios para ejecutar este módulo de función podría potencialmente escalar sus privilegios y leer los datos sensibles, lo que resulta en un impacto limitado en la confidencialidad de la información almacenada. Sin embargo, la integridad y disponibilidad del sistema no se ven afectadas."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:sap_basis:*:*:*","matchCriteriaId":"6F048ED9-2DDF-4EB9-8571-73832AFABF6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:sap_basis:*:*:*","matchCriteriaId":"C37DC475-6B9A-493C-9A6F-28CDD65D2A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:sap_basis:*:*:*","matchCriteriaId":"2BD9FE51-F76C-439A-A3C0-5279EC1059F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:730:*:*:*:sap_basis:*:*:*","matchCriteriaId":"1E8E6E23-EA96-45D5-BC81-3E5990701AD4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:sap_basis:*:*:*","matchCriteriaId":"4EB54432-0E1A-45F2-BEE1-8DC28FAADA9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:sap_basis:*:*:*","matchCriteriaId":"8E96C58C-ED44-487B-A67E-FDAE3C29023A"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:sap_basis:*:*:*","matchCriteriaId":"A14DF5EB-B8CE-4A47-9959-2F65A5DCEF5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:751:*:*:*:sap_basis:*:*:*","matchCriteriaId":"3E0CA53D-4335-4872-B527-30802E31B893"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:sap_basis:*:*:*","matchCriteriaId":"419BA423-0803-4F51-8889-014A521F02CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:sap_basis:*:*:*","matchCriteriaId":"DA20ECDC-8807-462C-A0F0-70DF6F5A119B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:sap_basis:*:*:*","matchCriteriaId":"800AAC21-325C-4F16-AE5A-9F89327E5356"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:sap_basis:*:*:*","matchCriteriaId":"BDC15DB7-A95B-475F-AAA6-60A801F65690"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:sap_basis:*:*:*","matchCriteriaId":"55A2FECF-A32E-4188-9563-E8BA0E952261"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:sap_basis:*:*:*","matchCriteriaId":"9CBF2E53-17F0-4BF0-9C38-749C7E611BF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:758:*:*:*:sap_basis:*:*:*","matchCriteriaId":"5160572B-E3AB-4B96-8950-07DDAFA0E4A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sap:netweaver_application_server_abap:816:*:*:*:sap_basis:*:*:*","matchCriteriaId":"32888162-53F9-4598-8C04-E4A4903AAB57"}]}]}],"references":[{"url":"https://me.sap.com/notes/3704740","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com","tags":["Vendor Advisory"]}]}}]}