Code Execution Vulnerability in SAP CRM Business Rules Framework
CVE-2015-3979

Currently unrated

Key Information:

Vendor: SAP
Status: Customer Relationship Management
Vendor: CVE Published:; 12 May 2015

Summary

The Business Rules Framework (CRM-BF-BRF) in SAP CRM has a vulnerability that allows attackers to execute arbitrary code through unspecified vectors. This issue may lead to severe consequences for the integrity and confidentiality of the system. It is crucial for SAP CRM users to implement the recommended security updates as outlined in SAP Security Note 2097534 to mitigate the risk associated with this vulnerability.

References

http://www.onapsis.com/blog/analyzing-sap-security-notes-...

x_refsource_MISC

http://www.securityfocus.com/bid/74626

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1032309

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 12, 2015
Vulnerability Reserved
May 12, 2015