VYPR
Unrated severityNVD Advisory· Published May 11, 2022· Updated Aug 3, 2024

CVE-2022-29613

CVE-2022-29613

Description

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.