Vulnerabilities > SAP > Customer Relationship Management > 7.02

DATE CVE VULNERABILITY TITLE RISK
2018-03-01 CVE-2018-2380 Path Traversal vulnerability in SAP Customer Relationship Management
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
network
low complexity
sap CWE-22
6.5
6.5
2014-02-14 CVE-2014-1962 Information Exposure vulnerability in SAP Customer Relationship Management 7.02
Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.
network
low complexity
sap CWE-200
5.0
5.0
2013-12-13 CVE-2013-7095 Unspecified vulnerability in SAP Customer Relationship Management 7.02
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
network
low complexity
sap
critical
 10.0
10