CVE-2025-42903

Publication date

2025-10-14 00:17:39

Family

sap

State

PUBLISHED

Description

A vulnerability in SAP Financial Service Claims Management RFC function ICL_USER_GET_NAME_AND_ADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability.