CVE-2015-3980 Information

Description

SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors aka SAP Security Note 2097534.

Reference

http://www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition/ http://www.securityfocus.com/bid/74624 http://www.securitytracker.com/id/1032309