VYPR

ERP HCM Portugal

by SAP

CVEs (3)

  • CVE-2022-22535MedFeb 9, 2022
    risk 0.42cvss 6.5epss 0.01

    SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information…

  • CVE-2021-42062MedNov 10, 2021
    risk 0.28cvss 4.3epss 0.01

    SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability…

  • CVE-2026-27687Mar 10, 2026
    risk 0.00cvss epss 0.00

    Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability.