Vulnerability Description
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Customer Relationship Management | 700 |
Related Weaknesses (CWE)
References
- https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/Issue TrackingVendor Advisory
- https://erpscan.io/advisories/erpscan-17-036-csrf-sap-java-crm/
- https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/Issue TrackingVendor Advisory
- https://erpscan.io/advisories/erpscan-17-036-csrf-sap-java-crm/
FAQ
What is CVE-2017-15296?
CVE-2017-15296 is a vulnerability with a CVSS score of 8.8 (HIGH). The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
How severe is CVE-2017-15296?
CVE-2017-15296 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-15296?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Customer Relationship Management.