exploitDog

CVE-2021-41869

Опубликовано: 04 окт. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.

Ссылки

https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33
Release Notes
Vendor Advisory
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_22
Release Notes
Vendor Advisory
https://github.com/ach-ing/cves/blob/main/CVE-2021-41869.md
Third Party Advisory
https://github.com/salesagility/SuiteCRM
Product
Third Party Advisory
https://suitecrm.com
Product
Vendor Advisory
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33
Release Notes
Vendor Advisory
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_22
Release Notes
Vendor Advisory
https://github.com/ach-ing/cves/blob/main/CVE-2021-41869.md
Third Party Advisory
https://github.com/salesagility/SuiteCRM
Product
Third Party Advisory
https://suitecrm.com
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*

Версия от 7.10.0 (включая) до 7.10.33 (исключая)

cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*

Версия от 7.11.0 (включая) до 7.11.22 (исключая)

EPSS

Процентиль: 75%

0.00883

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xq47-m665-g822

CVSS3: 8.8

github

больше 3 лет назад

SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.

EPSS

Процентиль: 75%

0.00883

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo