Lucene search
China National Vulnerability DatabaseCNVD-2022-20582HistoryMar 14, 2022 - 12:00 a.m.
SuiteCRM Deserialization Vulnerability
2022-03-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.003 Low
EPSS
Percentile
71.1%
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a deserialization vulnerability that stems from insecure deserialization of serialized data received by the application from users, which can be exploited by attackers to execute arbitrary code via carefully constructed deserialized data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| SuiteCRM SuiteCRM | le | 7.12.5 | |
| SuiteCRM SuiteCRM >=8.0, | lt | 8.0.4 |
Related
cvelist
cvelist
CVE-2022-23940
2022-03-07 19:06:35
osv
osv
BIT-suitecrm-2022-23940
2024-03-06 11:08:05
CVE-2022-23940
2022-03-10 17:45:56
checkpoint_advisories
checkpoint_advisories
SalesAgility SuiteCRM Remote Code Execution (CVE-2022-23940)
2022-10-02 00:00:00
cve
cve
CVE-2022-23940
2022-03-10 17:45:56
prion
prion
Deserialization of untrusted data
2022-03-10 17:45:00
nvd
nvd
CVE-2022-23940
2022-03-10 17:45:56
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Salesagility Suitecrm
2022-03-06 17:05:02