SuiteCRM is an open-source customer relationship management (CRM) system. Prior to version 7.14.5 and 8.6.2, insufficient access control checks allow a threat actor to delete records via the API. Versions 7.14.5 and 8.6.2 contain a patch for the issue.
References
Link | Resource |
---|---|
https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_5 | Release Notes |
https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-8qfx-h7pm-2587 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
06 Sep 2024, 13:24
Type | Values Removed | Values Added |
---|---|---|
First Time |
Salesagility
Salesagility suitecrm |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
CPE | cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:* | |
References | () https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_5 - Release Notes | |
References | () https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-8qfx-h7pm-2587 - Third Party Advisory | |
Summary |
|
|
CWE | NVD-CWE-Other |
05 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-05 17:15
Updated : 2024-09-06 13:24
NVD link : CVE-2024-45392
Mitre link : CVE-2024-45392
CVE.ORG link : CVE-2024-45392
JSON object : View
Products Affected
salesagility
- suitecrm
CWE