VDB

CVE-2026-0497

CVE-2026-0497 PUBLISHED CVSS 4.300000190734863 MEDIUM

SAP Product Designer Web UI of Business Server Pages allows authenticated non-administrative users to access non-sensitive information. This results in a low impact on confidentiality, with no impact on integrity or availability of the application.

EPSS 0.05% · 14.6th percentile

Risk Scores

CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.05%
14.6th percentile

Affected Products

VendorProductVersions
SAP_SEBusiness Server Pages Application (Product Designer Web UI)SAP_APPL 618, S4CORE 102, 103

Timeline

  • Jan 13, 2026 EPSS Score
  • Jan 13, 2026 CVE Published
  • Jan 13, 2026 CVE Updated
  • Jan 13, 2026 PoC Published
  • Jan 13, 2026 PoC Published
  • Jan 16, 2026 EPSS Score
  • Jan 19, 2026 EPSS Score
  • Jan 22, 2026 EPSS Score
  • Jan 25, 2026 EPSS Score
  • Jan 28, 2026 EPSS Score
  • Jan 31, 2026 EPSS Score
  • Feb 3, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›