Lucene search
Japan Vulnerability NotesJVN:31035930HistoryAug 24, 2009 - 12:00 a.m.
JVN#31035930 SugarCRM vulnerable to SQL injection
2009-08-2400:00:00
Japan Vulnerability Notes
jvn.jp
12
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.4%
SugarCRM is a customer relationship management (CRM) software. SugarCRM contains a SQL injection vulnerability.
Impact
As a result of SQL injection, contents within the database can be compromised.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- SugarCRM Community/Professional/Enterprise Editions 5.2.0g and earlier
- SugarCRM Community/Professional/Enterprise Editions 5.0.0k and earlier
- SugarCRM Community/Professional/Enterprise Editions 4.5.1o and earlier
Related
cve
cve
CVE-2009-2978
2009-08-27 18:30:00
ubuntucve
ubuntucve
CVE-2009-2978
2009-08-27 00:00:00
cvelist
cvelist
CVE-2009-2978
2009-08-27 18:00:00
prion
prion
Sql injection
2009-08-27 18:30:00
nvd
nvd
CVE-2009-2978
2009-08-27 18:30:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.4%
Related for JVN:31035930