Vulnerabilities > Pimcore > Customer Management Framework > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2024-21666 Improper Access Control vulnerability in Pimcore Customer Management Framework
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation.
network
low complexity
pimcore CWE-284
6.5
6.5
2024-01-11 CVE-2024-21667 Improper Access Control vulnerability in Pimcore Customer Management Framework
pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore.
network
low complexity
pimcore CWE-284
6.5
6.5
2023-07-10 CVE-2023-3574 Unspecified vulnerability in Pimcore Customer Management Framework
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.
network
low complexity
pimcore
6.5
6.5
2023-05-11 CVE-2023-32075 Unspecified vulnerability in Pimcore Customer Management Framework
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management.
network
low complexity
pimcore
4.3
4.3
2021-08-04 CVE-2021-31867 SQL Injection vulnerability in Pimcore Customer Management Framework
Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application.
network
low complexity
pimcore CWE-89
5.0
5.0