CVE-2015-3980

CVE-2015-3980

EPSS 1.4%

SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition/http://www.securityfocus.com/bid/74624 http://www.securitytracker.com/id/1032309