CVE-2022-29613
CVE-2022-29613
Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.
Productos afectados
SAP SE · SAP Employee Self Service (Fiori My Leave Request)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →