Security Advisory

CVE-2025-42903

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-14 00:17:39

Last updated 2025-10-14 15:22:42

Assigner sap

State PUBLISHED

Description

A vulnerability in SAP Financial Service Claims Management RFC function ICL_USER_GET_NAME_AND_ADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability.

← Browse all CVEs View on cve.org ↗