What is CVE-2025-42930?

CVE-2025-42930 is a medium-severity vulnerability in Sap_se Sap Business Planning And Consolidation, classified under CWE-606. CVSS score: 6.5/10. Published 2025-09-09.

How severe is CVE-2025-42930?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Sap_se Sap Business Planning And Consolidation

CVE-2025-42930

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to…

EPSS: 0.001 (27.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Sap_se Sap Business Planning And Consolidation — versions BPC4HANA 200, 300, SAP_BW 750

Weakness classification (CWE)

CWE-606

References

me.sap.com/notes/3614067
url.sap/sapsecuritypatchday

Frequently asked questions

What is CVE-2025-42930?: CVE-2025-42930 is a medium-severity vulnerability in Sap_se Sap Business Planning And Consolidation, classified under CWE-606. CVSS score: 6.5/10. Published 2025-09-09.
How severe is CVE-2025-42930?: Medium severity. CVSS v3 base score is 6.5 out of 10.