2 matches found
CVE-2022-39801
CVE-2022-39801 relates to SAP GRC Access Control Emergency Access Management. An authenticated attacker can access a Firefighter session after it is closed in the Firefighter Logon Pad, with exploitation possible only inside the firewall, potentially enabling access to an admin session and comple...
CVE-2021-44233
CVE-2021-44233 affects SAP GRC Access Control versions V1100_700, V1100_731, V1200_750, where an authenticated user may be able to escalate privileges due to insufficient authorization checks. The issue is described as an authorization check gap leading to privilege elevation. No exploitation det...