Security Advisory

CVE-2025-42884

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-11 00:14:02

Last updated 2025-11-12 20:11:40

Assigner sap

State PUBLISHED

Description

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enabling access to an unintended JNDI provider.�This could further lead to disclosure or modification of information about the server. There is no impact on availability.

← Browse all CVEs View on cve.org ↗