CVE-2013-7095

3 documents3 sources

Severity

10.0CRITICAL

EPSS

1.3%

top 20.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Customer Relationship Management

Timeline

PublishedDec 13

Latest updateMay 14

Description

The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDsap/customer_relationship_management7.02

🔴Vulnerability Details

GHSA

GHSA-m44h-37m9-w5jw: The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7↗2022-05-14

▶

CVEList

CVE-2013-7095: The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7↗2013-12-13

▶