Sap Customer Relationship Management — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Customer Relationship Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2013-7095 — CVSS 10.0 (critical): The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an…
CVE-2014-8669 — CVSS 10.0 (critical): The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified…
CVE-2015-3979 — CVSS 7.5 (high): Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown…
CVE-2015-3980 — CVSS 7.5 (high): SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via…
CVE-2021-33676 — CVSS 7.2 (high): A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged by an attacker with high privileges to…
CVE-2023-27897 — CVSS 6.0 (medium): In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote…
CVE-2014-1962 — CVSS 5.0 (medium): Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External…