Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-0745

Опубликовано: 16 мар. 2011
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sugarcrm:sugarcrm:*:*:*:*:*:*:*:*
Версия до 6.1.2 (включая)
cpe:2.3:a:sugarcrm:sugarcrm:1.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.0f:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.0g:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1a:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1b:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1c:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1d:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1e:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.1f:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:1.5d:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:2.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:2.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:3.5:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.2:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.0f:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.1:*:community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.1i:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:4.5.1o:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.0.0:*:community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.0.0:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.0.0h:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.0.0k:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.1.0:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.1.0-beta:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.1c:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.1l:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2.0g:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2a:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2c:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2c:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2d:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2d:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2e:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2e:*:sugar_community_edition:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2f:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2g:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.2h:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5:beta1:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5:beta2:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:5.5a:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugarcrm:6.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05636
Низкий

4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2011-0745

ubuntu
почти 15 лет назад

SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php.

debian логотип

CVE-2011-0745

debian
почти 15 лет назад

SugarCRM before 6.1.3 does not properly handle reloads and direct requ ...

github логотип

GHSA-rpm4-2vv9-4p54

github
больше 3 лет назад

SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php.

EPSS

Процентиль: 90%
0.05636
Низкий

4 Medium

CVSS2

Дефекты

CWE-20