SAP Knowledge Base Article - Preview

3735108 - Effect of CVE-2025-48976 - SAP process orchestration

Symptom

  • A vulnerability (CVE-2025-48976) is reported by a vulnerability assessment scan for a .jar under com.sap.aii.igw.commons.api.lib/lib/commons-fileupload-commons-fileupload-1.5.jar.

 Path              : /usr/sap/<SID>/J00/j2ee/cluster/bin/ext/com.sap.aii.igw.commons.api.lib/lib/commons-fileupload-commons-fileupload-1.5.jar
 Installed version : 1.5
 Fixed version     : 1.6

  • The finding is associated with Integration Gateway functionality.
  • Enquiry on mitigation plan or effect of Vulnerability in PI/PO System


Read more...

Environment

  • SAP NetWeaver
  • SAP Process Integration

Keywords

CVE-2025-48976, commons-fileupload, apache commons fileupload, integration gateway, com.sap.aii.igw, process orchestration, PO, AS Java, vulnerability scan, cloud integration content, mitigation, vulnerability, PI, upgrade , KBA , BC-XI-IGW , Integration Gateway , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.