CVE-2022-22535

CVE-2022-22535

SAP ERP HCM Portugal – versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.

Source: CVE-2022-22535