Vulnerabilities > SAP > Fiori Apps 2 0 FOR Travel Management IN SAP ERP > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2021-27605 Missing Authorization vulnerability in SAP Fiori Apps 2.0 for Travel Management in SAP ERP
SAP's HCM Travel Management Fiori Apps V2, version - 608, does not perform proper authorization check, allowing an authenticated but unauthorized attacker to read personnel numbers of employees, resulting in escalation of privileges.
network
low complexity
sap CWE-862
4.3