CyberSec.Space Logo
Back to CVE Browser

CVE-2013-7095

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0800%
EPSS Percentile29.08th
PublishedDec 13, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.

Affected Platforms (CPE)

πŸ“¦
Sap

Customer Relationship Management

= 7.02

References & Advisories

πŸ”— http://scn.sap.com/docs/DOC-8218
πŸ”— http://secunia.com/advisories/56064
πŸ”— http://www.securityfocus.com/bid/64265
πŸ”— http://www.securitytracker.com/id/1029488
πŸ”— https://erpscan.io/advisories/erpscan-13-025-sap-crm-crm_flex_data-xxe/
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/89703
πŸ”— https://service.sap.com/sap/support/notes/1909665
πŸ”— http://scn.sap.com/docs/DOC-8218

Related Vulnerabilities

CVE-2021-431309.8

An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username paramet...

CVE-2021-372218.8

A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & c...

CVE-2005-40877.5

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) ...

CVE-2007-38697.5

Multiple unspecified vulnerabilities in the Customer Relationship Management Online Marketing component in Oracle PeopleSoft Enter...