2 matches found
CVE-2019-0325
SAP ERP HCM SAPHRCES , version 3, does not perform necessary authorization checks for a report that reads payroll data of employees in a certain area. Due to this under certain conditions, the user that once had authorization to payroll data of an employee, which was later revoked, may retain...
CVE-2019-0325
CVE-2019-0325 affects SAP ERP HCM (SAP_HRCES) v3.0. The vulnerability arises from missing authorization checks on a payroll-data report, allowing a user who once had payroll data access to retain access after revocation under certain conditions. Impact stated: potential unauthorized reading of pa...