Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2013-7095

The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.

Published: Dec 13, 2013
Updated: Nov 9, 2025
CVE: CVE-2013-7095
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
sap / customer_relationship_management	7.02-ehp2	7.02-ehp2.x

http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56064
http://www.securityfocus.com/bid/64265
http://www.securitytracker.com/id/1029488
https://erpscan.io/advisories/erpscan-13-025-sap-crm-crm_flex_data-xxe/
https://exchange.xforce.ibmcloud.com/vulnerabilities/89703
https://service.sap.com/sap/support/notes/1909665

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo