exploitDog

GHSA-xxh2-9vx8-x442

Опубликовано: 09 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected.

SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected.

Ссылки

EPSS

Процентиль: 15%

0.00048

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2025-42917

CVSS3: 6.5

nvd

5 месяцев назад

SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected.

BDU:2026-00025

CVSS3: 6.5

fstec

10 месяцев назад

Уязвимость компонента My Timesheet Fiori 2.0 программного обеспечения для управления персоналом SAP HCM, позволяющая нарушителю повысить привилегии

EPSS

Процентиль: 15%

0.00048

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862