SAP
Security Scorecard
Score
71C
Total CVEs
44
Patch Rate
50%
22 patched
Avg Response
-
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical6
High6
Medium32
Low0
Patch Status
Patched22 (50%)
Partial/Workaround4 (9%)
Unpatched18 (41%)
CVEs (44)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-42876 | SAP S/4 HANA Private Cloud Financials General Ledger Vulnerability | High | 7.1 | - | Patched |
| CVE-2025-42875 | SAP Internet Communication Framework Vulnerability | Medium | 6.6 | - | Patched |
| CVE-2025-42904 | ABAP List Information Disclosure | Medium | 6.5 | - | Workaround |
| CVE-2025-42872 | SAP NetWeaver Enterprise Portal XSS Vulnerability | Medium | 6.1 | - | Patched |
| CVE-2025-42873 | SAPUI5 Infinite Loop Denial of Service | Medium | 5.9 | - | Patched |
| CVE-2025-42891 | SAP Enterprise Search for ABAP Vulnerability | Medium | 5.5 | - | Patched |
| CVE-2025-42924 | - | Medium | 6.1 | 34d | Unpatched |
| CVE-2025-42919 | - | Medium | 5.3 | 34d | Unpatched |
| CVE-2025-42897 | - | Medium | 5.3 | 35d | Unpatched |
| CVE-2025-42895 | - | Medium | 6.9 | 35d | Unpatched |