CVE-2025-42960 | Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA BEx Tools
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact on the confidentiality and availability of the application.
Conclusion & alert: CVE-2025-42960 is rated Low Risk (30.4/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.17%).Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2025-42960
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).