SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the SuiteCRM REST API V8 has missing ACL (Access Control List) checks on several endpoints, allowing authenticated users to access and manipulate data they should not have permission to interact with. Versions 7.15.1 and 8.9.3 patch the issue.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NSuitecrm
APPSuitecrm< 7.15.18.0.0 – 8.9.3 (bez)
Related vulnerabilities
RCE w SuiteCRM — bypass patcha CVE-2024-49774 przez błąd w ModuleScanner
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prio...
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prio...
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Vers...
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Vers...