CVE-2025-42996
MEDIUMDescription
SAP MDM Server allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate giving the ability to access or modify non-sensitive information or consume sufficient resources which could degrade the performance of the server causing low impact on confidentiality, integrity and availibility of the application.
Is your site exposed to CVE-2025-42996?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-42996? +
How severe is CVE-2025-42996? +
How do I check if I'm vulnerable to CVE-2025-42996? +
Related Vulnerabilities
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to …
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
SAP MDM Server Read function allows an attacker to send specially crafted packets which could trigger a memory read access …
SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access …
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not …
Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service …