CVE-2025-42985 MEDIUM

CVE-2025-42985: Open Redirect vulnerability in SAP BusinessObjects Content Administrator workbench

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Weakness CWE-601 · Open redirect

Published July 8, 2025

Last update July 8, 2025

View on NVD All CVEs

CVSS base score

6.1/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Due to insufficient sanitization in the SAP BusinessObjects Content Administrator Workbench, attackers could craft malicious URLs and execute scripts in a victim�s browser. This could potentially lead to the exposure or modification of web client data, resulting in low impact on confidentiality and integrity, with no impact on application availability.

Key dates

02Disclosure timeline

July 8, 2025 CVE published

July 8, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-42985

Related vulnerabilities

Identifiers

CVE CVE-2025-42985

CWE CWE-601

CVSS 6.1 / MEDIUM

Affected versions

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected DW4CORE 100

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 200

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 300

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 400

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected SAP_BW 700

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 701

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 702

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 731

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 740

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 750

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 751

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 752

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 753

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 754

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 755

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 756

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 757

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 758

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected 816

Vendor Sap_Se

Product SAP BusinessObjects Content Administrator workbench

Affected SAP_BW_VIRTUAL_COMP 701

CVE-2025-42985: Open Redirect vulnerability in SAP BusinessObjects Content Administrator workbench

01Description

02Disclosure timeline

03References

04Related CVE