VDB
CVE-2026-0497
CVE-2026-0497
PUBLISHED
CVSS 4.300000190734863 MEDIUM
SAP Product Designer Web UI of Business Server Pages allows authenticated non-administrative users to access non-sensitive information. This results in a low impact on confidentiality, with no impact on integrity or availability of the application.
EPSS 0.05% · 14.6th percentile
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.05%
14.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP_SE | Business Server Pages Application (Product Designer Web UI) | SAP_APPL 618, S4CORE 102, 103 |
Timeline
- Jan 13, 2026 EPSS Score
- Jan 13, 2026 CVE Published
- Jan 13, 2026 CVE Updated
- Jan 13, 2026 PoC Published
- Jan 13, 2026 PoC Published
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 25, 2026 EPSS Score
- Jan 28, 2026 EPSS Score
- Jan 31, 2026 EPSS Score
- Feb 3, 2026 EPSS Score