CVE-2024-47581
MEDIUMSAP HCM Approve Timesheets <4 - Privilege Escalation
Title source: llmDescription
SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low impact on integrity of the application. Confidentiality and availibility are not impacted.
References (2)
Core 2
Core References
Vendor Advisory
https://me.sap.com/notes/3522332
Vendor Advisory
https://url.sap/sapsecuritypatchday
Scores
CVSS v3
4.3
EPSS
0.0009
EPSS Percentile
24.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-862
Status
published
Products (1)
SAP_SE/SAP HCM
S4HCMGXX 101
Published
Dec 10, 2024
Tracked Since
Feb 18, 2026