cvedb.io
CVE-2022-22535
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-02-09T23:15:18.573 · Last modified 2026-06-17T04:28:33.083

Summary

SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Affected products

sap — erp_human_capital_management

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.