CVE-2025-42878
HIGHDescription
SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could exploit them to access diagnostics, send crafted requests, or disrupt services. This vulnerability has a high impact on confidentiality, availability and low impact on integrity and of the application.
Is your site exposed to CVE-2025-42878?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-42878? +
How severe is CVE-2025-42878? +
How do I check if I'm vulnerable to CVE-2025-42878? +
Related Vulnerabilities
The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. Researchers …
NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the HGX Management Controller (HMC) that may allow a malicious actor …
A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes …
NVIDIA HGX & DGX GB200, GB300, B300 contain a vulnerability in the HGX Management Controller (HMC) that may allow a …
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, …
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could …