cvedb.io
CVE-2022-29613
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2022-05-11T15:15:09.940 · Last modified 2026-06-17T04:40:30.553

Summary

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application.

Affected products

sap — employee_self_service

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.