cvedb.io
CVE-2021-42062
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2021-11-10T16:15:09.277 · Last modified 2026-06-17T04:09:14.780

Summary

SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Affected products

sap — erp_human_capital_management

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.