Description

Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacker to potentially read or delete these files hence causing a high impact on confidentiality and low impact on integrity. There is no impact on availability of the system.

INFO

Published Date :

2025-08-12T02:07:16.389Z

Last Modified :

2025-08-13T20:20:33.547Z

Source :

sap
AFFECTED PRODUCTS

The following products are affected by CVE-2025-42946 vulnerability.

Vendors Products
Sap
  • S/4hana
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-42946.

URL Resource
https://me.sap.com/notes/3614804 cve-icon cve-icon
https://url.sap/sapsecuritypatchday cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact