CVE-2014-1962

CWE-200 — Information Exposure3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.5%

top 32.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Customer Relationship Management

Timeline

PublishedFeb 14

Latest updateMay 14

Description

Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsap/customer_relationship_management7.02

🔴Vulnerability Details

GHSA

GHSA-p2rw-6hfm-78hp: Gwsync in SAP CRM 7↗2022-05-14

▶

CVEList

CVE-2014-1962: Gwsync in SAP CRM 7↗2014-02-14

▶