Bean Manipulation Vulnerability in SugarCRM Enterprise and Other Editions

CVE-2023-35809

What is CVE-2023-35809?

A Bean Manipulation vulnerability has been discovered in SugarCRM Enterprise versions prior to 11.0.6 and 12.x versions before 12.0.3. This issue arises from inadequate input validation in the REST API, allowing attackers to inject custom PHP code using specifically crafted requests. Notably, regular user privileges suffice for exploitation, rendering various editions of SugarCRM vulnerable to this security flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References