Vulnerabilities

CVE-2022-29613

by Fred · 11/05/2022

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.

Date published : 2022-05-11

https://launchpad.support.sap.com/#/notes/3164677

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Similar

Tags: Cybersecurity Alert