Lucene search

GoogleOSV:CVE-2023-6126

HistoryNov 14, 2023 - 4:15 p.m.

CVE-2023-6126

2023-11-1416:15:27

Google

osv.dev

github repository

code injection

suitecrm

software

security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.7%

JSON

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CPENameOperatorVersion
suitecrmeq7.3.1
suitecrmeq7.9.0
suitecrmeq7.9.13
suitecrmeq7.7.7
suitecrmeq7.9.3
suitecrmeq7.5.1
suitecrmeq7.10.15
suitecrmeq7.10.9
suitecrmeq7.6-beta.2
suitecrmeq7.4.3

Name	Operator	Version
suitecrm	eq	7.3.1
suitecrm	eq	7.9.0
suitecrm	eq	7.9.13
suitecrm	eq	7.7.7
suitecrm	eq	7.9.3
suitecrm	eq	7.5.1
suitecrm	eq	7.10.15
suitecrm	eq	7.10.9
suitecrm	eq	7.6-beta.2
suitecrm	eq	7.4.3

Rows per page:

1-10 of 1841

References

github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9

huntr.com/bounties/e22a9be3-3273-42cb-bfcc-c67a1025684e

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.7%

JSON

Related for OSV:CVE-2023-6126