Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

erp_human_capital_management

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2022-22535
Assigner-SAP SE
ShareView Details
Assigner-SAP SE
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.89%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:05
Updated-03 Aug, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Action-Not Available
Vendor-SAP SE
Product-erp_human_capital_managementSAP ERP HCM (Portugal)
CWE ID-CWE-862
Missing Authorization
CVE-2021-42062
Assigner-SAP SE
ShareView Details
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.13% / 33.16%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 15:30
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Action-Not Available
Vendor-SAP SE
Product-erp_human_capital_managementSAP ERP HCM Portugal
CWE ID-CWE-862
Missing Authorization