Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe

Filtered by product Customer Relationship Management

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-7095	1 Sap	1 Customer Relationship Management	2018-12-10	10.0 HIGH	N/A
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
CVE-2014-1962	1 Sap	1 Customer Relationship Management	2018-12-10	5.0 MEDIUM	N/A
Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
CVE-2015-3979	1 Sap	1 Customer Relationship Management	2017-01-03	7.5 HIGH	N/A
Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown vectors, aka SAP Security Note 2097534.
CVE-2015-3980	1 Sap	1 Customer Relationship Management	2017-01-03	7.5 HIGH	N/A
SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.
CVE-2014-8669	1 Sap	1 Customer Relationship Management	2014-11-07	10.0 HIGH	N/A
The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified vectors.