A critical vulnerability in SAP NetWeaver Application...

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

References

Published by the National Vulnerability Database Jul 8, 2025

Published to the GitHub Advisory Database Jul 8, 2025

Last updated Jul 8, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

References

Severity

CVSS overall score

CVSS v3 base metrics

CVSS v3 base metrics

EPSS score

Exploit Prediction Scoring System (EPSS)

Weaknesses

Deserialization of Untrusted Data

CVE ID

GHSA ID

Source code

Uh oh!