Vulnerabilities > CVE-2013-7095 - Unspecified vulnerability in SAP Customer Relationship Management 7.02
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://scn.sap.com/docs/DOC-8218
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/56064
- http://secunia.com/advisories/56064
- http://www.securityfocus.com/bid/64265
- http://www.securityfocus.com/bid/64265
- http://www.securitytracker.com/id/1029488
- http://www.securitytracker.com/id/1029488
- https://erpscan.io/advisories/erpscan-13-025-sap-crm-crm_flex_data-xxe/
- https://erpscan.io/advisories/erpscan-13-025-sap-crm-crm_flex_data-xxe/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89703
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89703
- https://service.sap.com/sap/support/notes/1909665
- https://service.sap.com/sap/support/notes/1909665