CVE-2022-29613

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:employee_self_service:605:*:*:*:*:*:*:*

Information

Published : 2022-05-11 08:15

Updated : 2022-05-19 08:44


NVD link : CVE-2022-29613

Mitre link : CVE-2022-29613


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

sap

  • employee_self_service