Lucene search

Customer Relationship Management Security Vulnerabilities

cve

CVE-2017-15296

The Java component in SAP CRM has CSRF. This is SAP Security Note...

8.8CVSS

7AI Score

0.001EPSS

2017-10-16 04:29 PM

cve

CVE-2017-15294

The Java administration console in SAP CRM has XSS. This is SAP Security Note...

6.1CVSS

7AI Score

0.001EPSS

2017-10-16 04:29 PM

cve

CVE-2015-3979

Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown vectors, aka SAP Security Note...

8.2AI Score

0.007EPSS

2015-05-12 08:59 PM

cve

CVE-2015-3980

SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note...

9.2AI Score

0.001EPSS

2015-05-12 08:59 PM

cve

CVE-2014-8669

The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified...

8.6AI Score

0.025EPSS

2014-11-06 03:55 PM

cve

CVE-2014-1962

Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE)...

7AI Score

0.002EPSS

2014-02-14 03:55 PM

cve

CVE-2013-7095

The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE)...

7.3AI Score

0.004EPSS

2013-12-13 08:08 PM