CVE-2025-30016 CRITICAL

CVE-2025-30016: Authentication Bypass Vulnerability in SAP Financial Consolidation

Vendor Sap_Se
Product SAP Financial Consolidation
Weakness CWE-921
Published April 8, 2025
Last update February 26, 2026

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application.

Key dates

02Disclosure timeline

April 8, 2025 CVE published
February 26, 2026 Record updated