The SAP Fiori app (My Overtime Request) - version 605, does not perform the necessary authorization checks for an authenticated user which may result in an escalation of privileges. It is possible to manipulate the URLs of data requests to access information that the user should not have access to. There is no impact on integrity and availability.
History

Wed, 16 Oct 2024 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Sap
Sap fiori
CPEs cpe:2.3:a:sap:fiori:605:*:*:*:*:*:*:*
Vendors & Products Sap
Sap fiori

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2024-02-13T03:37:14.954Z

Updated: 2024-08-01T23:44:09.819Z

Reserved: 2024-02-09T04:10:20.036Z

Link: CVE-2024-25643

cve-icon Vulnrichment

Updated: 2024-08-01T23:44:09.819Z

cve-icon NVD

Status : Modified

Published: 2024-02-13T04:15:08.590

Modified: 2024-11-21T09:01:08.590

Link: CVE-2024-25643

cve-icon Redhat

No data.