VDB

CESS-2025-27432

CESS-2025-27432 PUBLISHED CVSS 2.4 LOW

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthorized attacker could call each transaction and view the inbound delivery details. This vulnerability has a low impact on the confidentiality with no effect on the integrity and the availability of the application.

Risk Scores

CVSS 3.1
2.4
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Timeline

  • Mar 11, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›