CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-42893

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal sensitive information and perform unauthorized actions, impacting the confidentiality and integrity of web client data. There is no impact to system availability resulting from this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://me.sap.com/notes/3662000
https://url.sap/sapsecuritypatchday

Products affected by CVE-2025-42893

Sap » Business Connector » Version: 4.8

cpe:2.3:a:sap:business_connector:4.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-42893

Products

Pricing

Contact Us