CVE-2025-42907
📋 TL;DR
This vulnerability in SAP BI Platform allows attackers to modify the LogonToken IP address for OpenDoc, potentially redirecting ping requests to different servers. It primarily affects SAP BI Platform users with OpenDoc functionality enabled. The impact is limited to integrity with no confidentiality or availability risks.
💻 Affected Systems
- SAP BI Platform
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could redirect legitimate OpenDoc requests to malicious servers, potentially enabling man-in-the-middle attacks or data manipulation during document access.
Likely Case
Limited integrity impact where attackers could redirect ping requests to unauthorized servers, but no direct data access or system compromise.
If Mitigated
With proper network segmentation and access controls, impact is minimal as the vulnerability only affects specific OpenDoc functionality.
🎯 Exploit Status
Exploitation requires understanding of SAP BI Platform's OpenDoc implementation and ability to modify LogonToken parameters
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Apply SAP Security Note 3540622
Vendor Advisory: https://me.sap.com/notes/3540622
Restart Required: No
Instructions:
1. Access SAP Support Portal. 2. Download and apply SAP Note 3540622. 3. Follow SAP's standard patching procedures for BI Platform. 4. Verify the fix by testing OpenDoc functionality.
🔧 Temporary Workarounds
Restrict OpenDoc Access
allLimit access to OpenDoc functionality to trusted networks and users only
Configure network firewall rules to restrict access to OpenDoc endpoints
Implement IP whitelisting for OpenDoc services
🧯 If You Can't Patch
- Implement strict network segmentation to isolate SAP BI Platform from untrusted networks
- Monitor and log all OpenDoc access attempts for suspicious activity
🔍 How to Verify
Check if Vulnerable:
Check if SAP BI Platform version is affected by consulting SAP Note 3540622 and verify OpenDoc functionality is enabledCheck Version:
Check SAP system information via transaction code SM51 or consult system documentationVerify Fix Applied:
Verify SAP Note 3540622 is applied successfully and test OpenDoc functionality to ensure proper IP validation📡 Detection & Monitoring
Log Indicators:
- Unusual OpenDoc access patterns
- Multiple failed OpenDoc requests from same source
- OpenDoc requests with modified IP parameters
Network Indicators:
- Unexpected network traffic to/from OpenDoc endpoints
- OpenDoc requests redirected to non-standard servers
SIEM Query:
source="sap_bi_logs" AND (event="OpenDoc" OR event="LogonToken") AND (ip_change="true" OR redirect="true")