ГлавнаяУязвимости → CVE-2022-45185
8.8высокая

CVE-2022-45185

Описание

An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution.

Затрагиваемое ПО
Salesagility Suitecrm
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://docs.suitecrm.com/admin/releases/7.12.x/https://github.com/Orange-Cyberdefense/CVE-repository/https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.pyhttps://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py