SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Salesagility
Salesagility suitecrm |
|
CPEs | cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:* | |
Vendors & Products |
Salesagility
Salesagility suitecrm |
|
Metrics |
ssvc
|
Tue, 05 Nov 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |
Title | Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-11-05T18:40:14.977Z
Updated: 2024-11-05T18:58:13.409Z
Reserved: 2024-10-22T17:54:40.953Z
Link: CVE-2024-50332
Vulnrichment
Updated: 2024-11-05T18:58:09.232Z
NVD
Status : Awaiting Analysis
Published: 2024-11-05T19:15:06.623
Modified: 2024-11-06T18:17:17.287
Link: CVE-2024-50332
Redhat
No data.