XML External Entity Vulnerability in SAP CRM Gwsync
CVE-2014-1962

Currently unrated

Key Information:

Vendor

SAP
Status
Customer Relationship Management
Vendor
CVE Published:
14 February 2014

What is CVE-2014-1962?

The Gwsync component of SAP CRM version 7.02 EHP 2 is susceptible to an XML External Entity (XXE) vulnerability, which enables remote attackers to exploit unspecified vectors to gain unauthorized access to sensitive information. This security issue results from the improper handling of XML input, potentially allowing attackers to manipulate server responses or access confidential data stored on the server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://erpscan.io/advisories/erpscan-14-003-sap-crm-gwsy...
x_refsource_MISC
https://service.sap.com/sap/support/notes/1917054
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/91098
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.