Vulnerability Details CVE-2014-1962
Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/56944
- https://erpscan.io/advisories/erpscan-14-003-sap-crm-gwsync-xxe/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91098
- https://service.sap.com/sap/support/notes/1917054
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/56944
- https://erpscan.io/advisories/erpscan-14-003-sap-crm-gwsync-xxe/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91098
- https://service.sap.com/sap/support/notes/1917054
Products affected by CVE-2014-1962
-
cpe:2.3:a:sap:customer_relationship_management:7.02