Auth bypass in Sap_se Sap Electronic Invoicing For Brazil (Edocument Cockpit)

CVE-2025-27432

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP sys…

Vulnerability class: Broken Access Control

EPSS: 0.002 (8.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.4 (Low). Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-27432?
CVE-2025-27432 is a low-severity vulnerability in Sap_se Sap Electronic Invoicing For Brazil (Edocument Cockpit), classified under Missing Authorization. CVSS score: 2.4/10. Published 2025-03-11.
How severe is CVE-2025-27432?
Low severity. CVSS v3 base score is 2.4 out of 10.