Remote Code Execution Vulnerability in SAP CRM Promotion Guidelines Module
CVE-2014-8669

Currently unrated

Key Information:

Vendor: SAP
Status: Customer Relationship Management
Vendor: CVE Published:; 6 November 2014

Summary

The SAP Promotion Guidelines module within SAP CRM has a vulnerability that allows remote attackers to execute arbitrary code through unspecified vectors. This poses a significant risk as it can lead to unauthorized access and control over affected systems. Organizations using this module are urged to implement the necessary security patches and monitor their systems for any unusual activities.

References

http://service.sap.com/sap/support/notes/0001872638

x_refsource_MISC

http://blog.onapsis.com/analyzing-sap-security-notes-octo...

x_refsource_MISC

http://service.sap.com/sap/support/notes/0001835691

x_refsource_MISC

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 6, 2014