Vulnerabilities > Pimcore > Customer Management Framework > 2.4.2

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2024-21666 Improper Access Control vulnerability in Pimcore Customer Management Framework
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation.
network
low complexity
pimcore CWE-284
6.5
6.5
2024-01-11 CVE-2024-21667 Improper Access Control vulnerability in Pimcore Customer Management Framework
pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore.
network
low complexity
pimcore CWE-284
6.5
6.5
2023-07-10 CVE-2023-3574 Unspecified vulnerability in Pimcore Customer Management Framework
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.
network
low complexity
pimcore
6.5
6.5
2023-05-17 CVE-2023-2756 SQL Injection vulnerability in Pimcore Customer Management Framework
SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
network
low complexity
pimcore CWE-89
7.2
7.2
2023-05-11 CVE-2023-32075 Unspecified vulnerability in Pimcore Customer Management Framework
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management.
network
low complexity
pimcore
4.3
4.3
2023-05-10 CVE-2023-2629 Improper Neutralization of Formula Elements in a CSV File vulnerability in Pimcore Customer Management Framework
Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.
local
low complexity
pimcore CWE-1236
7.8
7.8