Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2025-0058

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable.

Published: Jan 14, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-0058
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
sap / sap_basis	753	753.x
sap / sap_basis	754	754.x
sap / sap_basis	755	755.x
sap / sap_basis	756	756.x
sap / sap_basis	757	757.x
sap / sap_basis	758	758.x
sap / sap_basis	912	912.x
sap / sap_basis	913	913.x
sap / sap_basis	914	914.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo