{“lastseen”:””,”description”:”SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S\/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not impacted.”,”published”:”2025-10-14T00:18:11.957Z”,”modified”:”2025-10-14T00:18:11.957Z”,”type”:”cve”,”title”:”Security Misconfiguration vulnerability in SAP Cloud Appliance Library Appliances”,”source”:”sap”,”references”:”https:\/\/me.sap.com\/notes\/3643871\\nhttps:\/\/url.sap\/sapsecuritypatchday”,”id”:”CVE-2025-42909″,”bulletinFamily”:””,”cwe”:[“CWE-1004″],”cvelist”:null,”sourceData”:”SAP_SE SAP Cloud Appliance Library Appliances TITANIUM_WEBAPP 4.0″,”sourceHref”:””,”cvss”:{“score”:3,”severity”:”LOW”,”vector”:”CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:C\/C:L\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”SAP Cloud Appliance Library Appliances”,”version”:”TITANIUM_WEBAPP 4.0″,”vendor”:”SAP_SE”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S\/4HANA default profile setting in an existing SAP CAL appliances…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,153,12,71,13,7,11,5],"class_list":["post-21354","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-30","tag-exploit","tag-low","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n