Headline
CVE-2021-42062
SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only reads the payroll information, the attacker can neither modify any information nor cause availability impacts.
Related news
CVE-2021-20264: 1932283 – (CVE-2021-20264) CVE-2021-20264 containers/openjdk: /etc/passwd is given incorrect privileges
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.