Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSapCVELIST:CVE-2022-29613
HistoryMay 11, 2022 - 2:57 p.m.

CVE-2022-29613

2022-05-1114:57:56
CWE-20
sap
www.cve.org
sap employee self service
input validation
authenticated attacker
employee number alteration
confidentiality impact

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.

CNA Affected

[
  {
    "product": "SAP Employee Self Service (Fiori My Leave Request)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "605"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
nvd
nvd
CVE-2022-29613
2022-05-11 15:15:09
cve
cve
CVE-2022-29613
2022-05-11 15:15:09
prion
prion
Input validation
2022-05-11 15:15:00

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON
Related for CVELIST:CVE-2022-29613
nvd1cve1prion1