CVE-2024-47581

Missing Authorization check in SAP HCM (Approve Timesheets version 4)

CVSS 4.3 MEDIUMEPSS 0.2%CWE-862

SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low impact on integrity of the application. Confidentiality and availibility are not impacted.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Productos afectados

SAP_SE · SAP HCM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://me.sap.com/notes/3522332 https://url.sap/sapsecuritypatchday