CVE-2025-27432

CVE-2025-27432

Título es
CVE-2025-27432

Mar, 11/03/2025 – 01:15

Tipo
CWE-862

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-27432

Descripción en
The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthorized attacker could call each transaction and view the inbound delivery details. This vulnerability has a low impact on the confidentiality with no effect on the integrity and the availability of the application.

11/03/2025

11/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
2.40

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW

Referencias

Enviar en el boletín
Off