PT-2024-19219 · SAP · SAP Fiori Front End Server

Published: 2024-03-11 · Updated: 2024-03-16 · CVE-2024-22133

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SAP Fiori Front End Server version 605

Description: The issue allows approver details in a read-only field to be altered when leave request information is sent, potentially leading to the creation of requests with incorrect approvers. This could cause a low impact on the Confidentiality and Integrity of the application, with no impact on its Availability.

Recommendations: For SAP Fiori Front End Server version 605, consider restricting access to the leave request functionality until a patch is available, to prevent alteration of approver details. As a temporary workaround, disabling the ability to edit approver details in the read-only field may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Incorrect Authorization

Related Identifiers: CVE-2024-22133

Affected Products: SAP Fiori Front End Server