- Description
- In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable.
- Source
- cna@sap.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- cna@sap.com
- CWE-639
- Hype score
- Not currently trending
CVE-2025-0058 Sensitive Data Exposure in SAP Workflow via Parameter Manipulation https://t.co/WW7r7PBaKS Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
14 Jan 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0058 In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive i… https://t.co/WocBeOqDpY
@CVEnew
14 Jan 2025
181 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes