CVE-2024-36414 - Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm

CVSS 6.5 - MEDIUM

Attack vector: NETWORK
Attack complexity: LOW
Privileges required: LOW
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE

Tags: network, low complexity, salesagility, CWE-918

Summary

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the connectors file verification allows for a server-side request forgery attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

Vulnerable Configurations

Part | Description | Count
Application | Salesagility | 235

Common Weakness Enumeration (CWE)