Vulnerabilities > CVE-2015-3979 - Arbitrary Code Execution vulnerability in SAP Business Rules Framework

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sap

NVD

Published: 2015-05-12

Updated: 2017-01-03

Summary

Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown vectors, aka SAP Security Note 2097534.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Customer Relationship Management -	1

References

http://www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition/
http://www.securityfocus.com/bid/74626
http://www.securitytracker.com/id/1032309