Lucene search
K

9 matches found

CVE
CVE
added 2026/03/10 12:18 a.m.11 views

CVE-2026-27687

CVE-2026-27687: A missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal allows a user with high privileges to access another company’s sensitive data. Root cause: lack of authorization validation. Impact: High confidentiality impact; no reported integrity or availabilit...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-1098

Malware in sbrugna...

4.9CVSS4.7AI score0.00792EPSS
Exploits0References4
CNVD
CNVD
added 2025/05/28 12:0 a.m.1 views

SAP ERP HCM and SAP S/4HANA Authorization Issues Vulnerability

SAP ERP HCM and SAP S/4HANA are both products of SAP, an enterprise human resource management solution, and SAP S/4HANA, an enterprise resource management software based on the SAP HANA in-memory database system. SAP ERP HCM and SAP S/4HANA have an authorization issue vulnerability that stems fro...

5.8CVSS6.7AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:26 p.m.6 views

CVE-2022-22535

SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause...

6.5CVSS6.7AI score0.00834EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 a.m.6 views

CVE-2019-0325

SAP ERP HCM SAPHRCES , version 3, does not perform necessary authorization checks for a report that reads payroll data of employees in a certain area. Due to this under certain conditions, the user that once had authorization to payroll data of an employee, which was later revoked, may retain...

4.9CVSS6.8AI score0.00792EPSS
Exploits0References1
CVE
CVE
added 2019/07/10 7:4 p.m.140 views

CVE-2019-0325

CVE-2019-0325 affects SAP ERP HCM (SAP_HRCES) v3.0. The vulnerability arises from missing authorization checks on a payroll-data report, allowing a user who once had payroll data access to retain access after revocation under certain conditions. Impact stated: potential unauthorized reading of pa...

4.9CVSS4.5AI score0.00792EPSS
Exploits0References3Affected Software1
Symantec
Symantec
added 2019/07/09 12:0 a.m.26 views

SAP ERP HCM CVE-2019-0325 Remote Authorization Bypass Vulnerability

Description SAP ERP HCM Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP ERP HCM 3.0 Recommendations Block external access at the netwo...

4.9CVSS0.3AI score0.00792EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/10/09 1:29 p.m.15 views

Cross site request forgery (csrf)

SAP Fiori 1.0 for SAP ERP HCM Approve Leave Request, version 2 application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection...

4.3CVSS6.4AI score0.00669EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/10/09 1:0 p.m.18 views

CVE-2018-2474

SAP Fiori 1.0 for SAP ERP HCM Approve Leave Request, version 2 application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection...

6.5AI score0.00669EPSS
Exploits0References3
Rows per page
Query Builder