Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/11/10 5:22 a.m.8 views

CVE-2025-64489

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.8CVSS6.9AI score0.0033EPSS
Exploits0References1
nvd
nvd
added 2025/11/08 1:15 a.m.7 views

CVE-2025-64489

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.8CVSS0.0033EPSS
Exploits0References3
osv
osv
added 2025/11/08 12:15 a.m.7 views

CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.3CVSS7AI score0.0033EPSS
Exploits0References5
cvelist
cvelist
added 2025/11/08 12:15 a.m.20 views

CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.3CVSS0.0033EPSS
Exploits0References3
Rows per page
Query Builder