JVN#01956993: Vtiger CRM does not properly restrict access to application data

2016-07-20T00:00:00
ID JVN:01956993
Type jvn
Reporter Japan Vulnerability Notes
Modified 2016-07-20T00:00:00

Description

## Description

Vtiger CRM is a customer relationship management (CRM) software. Vtiger CRM contains a vulnerability where it does not properly restrict access to user information data.

## Impact

A user with user privileges may create new users or alter existing user information.

## Solution

Update the software
Update the software according to the information provided by the developer.

## Products Affected

  • Vtiger CRM 6.4.0 and earlier