Security Advisory

CVE-2025-42913

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-09 02:06:16

Last updated 2026-02-26 17:49:07

Assigner sap

State PUBLISHED

Description

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiality and availability are not impacted.

← Browse all CVEs View on cve.org ↗