Vulnerability Details CVE-2015-3980
SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition/
- http://www.securityfocus.com/bid/74624
- http://www.securitytracker.com/id/1032309
- http://www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition/
- http://www.securityfocus.com/bid/74624
- http://www.securitytracker.com/id/1032309
Products affected by CVE-2015-3980
-
cpe:2.3:a:sap:customer_relationship_management:-