Vulnerabilities > SAP > Access Control

DATE CVE VULNERABILITY TITLE RISK
2022-09-13 CVE-2022-39801 Improper Authentication vulnerability in SAP Access Control 12
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad.
network
high complexity
sap CWE-287
7.5
2021-12-14 CVE-2021-44233 Missing Authorization vulnerability in SAP Access Control V1100700/V1100731/V1200750
SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges.
network
low complexity
sap CWE-862
8.8