CVE-2021-42062

CVE-2021-42062

Vendor Sap Se
Product SAP ERP HCM Portugal
Weakness CWE-862 · Missing authorization
Published November 10, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Key dates

02Disclosure timeline

November 10, 2021 CVE published
August 4, 2024 Record updated