PT-2026-24163 · Sap · Sap Erp Hcm Portugal+1

Published

2026-03-10

·

Updated

2026-03-10

·

CVE-2026-27687

CVSS v3.1

5.8

Medium

VectorAV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions SAP S/4HANA HCM Portugal (affected versions not specified) SAP ERP HCM Portugal (affected versions not specified)
Description A missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal allows a user with high privileges to access sensitive data belonging to another company. This impacts the confidentiality of data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2026-27687

Affected Products

Sap Erp Hcm Portugal
Sap S/4Hana Hcm Portugal