SQL Injection Vulnerability in SuiteCRM by SalesAgility
CVE-2024-36412
Key Information:
- Vendor: SalesAgility
- Status: Vendor
- CVE Published: 10 June 2024
What is CVE-2024-36412?
CVE-2024-36412 is a SQL injection vulnerability in SuiteCRM, the open-source Customer Relationship Management (CRM) platform developed by SalesAgility. The flaw sits in the events response entry point: attacker-controlled input reaches a database query without adequate validation, so a crafted request can inject SQL of the attacker's choosing rather than being treated as data. Successful exploitation puts the confidentiality and integrity of the CRM database, including customer records, at risk. Installations running an affected release (before 7.14.4, or 8.x before 8.6.1) remain exposed until they are upgraded to a fixed version.
Technical Details
SuiteCRM before 7.14.4 and 8.x before 8.6.1 are affected. The root cause is insufficient validation of user-supplied input in the events response entry point: the value is incorporated into an SQL statement in a way that lets specially crafted input change the statement's structure instead of being bound as a literal. An attacker can therefore read or modify database contents beyond what the entry point is intended to touch. SalesAgility fixed the issue in 7.14.4 and 8.6.1; because the fix is a code change in the entry point, comparing the installed release against those versions is the reliable way to confirm exposure, and earlier releases should be treated as vulnerable.
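The following is an added example, not SuiteCRM code and not the actual vulnerable query: it models the bug class described above (a request parameter spliced into an UPDATE statement) against a throwaway SQLite table, shows the hardened form with parameter binding and an allow-list, and includes a version check against the fixed releases named in this advisory. The table, column names, handler functions and payload are all constructed for illustration.

```python
"""Added example (not SuiteCRM code): model of the SQL injection bug class
behind CVE-2024-36412, plus a version check for the fixed releases
(7.14.4 and 8.x 8.6.1) named in the advisory.

Schema, handler functions and payload are constructed for illustration;
they are not the real SuiteCRM schema or entry point code.
"""
import re
import sqlite3

FIXED_7 = (7, 14, 4)
FIXED_8 = (8, 6, 1)


def is_affected(version: str) -> bool:
    """True if a SuiteCRM version string is in the affected range:
    before 7.14.4, or 8.x before 8.6.1 (as stated in the advisory)."""
    nums = [int(n) for n in re.findall(r"\d+", version)[:3]]
    while len(nums) < 3:          # tolerate "8.6" style strings
        nums.append(0)
    v = tuple(nums)
    if v[0] >= 8:
        return v < FIXED_8
    return v < FIXED_7


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for event invitation records."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE event_invites (
            id TEXT PRIMARY KEY, event_id TEXT, contact_id TEXT, accept_status TEXT
        );
        INSERT INTO event_invites VALUES
            ('inv-1', 'evt-1', 'c-1', 'none'),
            ('inv-2', 'evt-1', 'c-2', 'none'),
            ('inv-3', 'evt-2', 'c-3', 'none');
        """
    )
    return conn


def respond_vulnerable(conn, invite_id: str, response: str) -> str:
    """Hypothetical unsafe handler: request parameters are spliced into SQL.
    Returns the SQL that was actually executed so the tampering is visible."""
    sql = (f"UPDATE event_invites SET accept_status = '{response}' "
           f"WHERE id = '{invite_id}'")
    conn.execute(sql)
    conn.commit()
    return sql


ALLOWED_RESPONSES = {"accept", "decline", "tentative"}


def respond_hardened(conn, invite_id: str, response: str) -> None:
    """Hardened handler: allow-list the enumerated value and bind both
    parameters so input can never change the statement's structure."""
    if response not in ALLOWED_RESPONSES:
        raise ValueError(f"unexpected response value: {response!r}")
    conn.execute(
        "UPDATE event_invites SET accept_status = ? WHERE id = ?",
        (response, invite_id),
    )
    conn.commit()


def statuses(conn) -> dict:
    """Map invite id -> accept_status, for inspecting the outcome."""
    return dict(conn.execute("SELECT id, accept_status FROM event_invites"))


# Constructed payload: closes the quoted literal and comments out the
# original WHERE clause, so the UPDATE hits every row instead of one.
PAYLOAD = "accept' WHERE 1=1 --"


def demo():
    """Run the payload through both handlers; return (vulnerable, hardened) states."""
    vuln = make_db()
    respond_vulnerable(vuln, "inv-1", PAYLOAD)     # all three invites flip
    safe = make_db()
    try:
        respond_hardened(safe, "inv-1", PAYLOAD)   # rejected by the allow-list
    except ValueError:
        pass
    respond_hardened(safe, "inv-1", "accept")      # only inv-1 changes
    return statuses(vuln), statuses(safe)


if __name__ == "__main__":
    vulnerable_state, hardened_state = demo()
    print("vulnerable:", vulnerable_state)
    print("hardened:  ", hardened_state)
    for ver in ("7.14.3", "7.14.4", "8.6.0", "8.6.1"):
        print(ver, "affected" if is_affected(ver) else "fixed")
```

The allow-list is appropriate here only because the response is an enumerated value; for free-text fields, parameter binding (or the ORM's query builder) is the general fix, and the two should not be confused.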
Potential Impact of CVE-2024-36412
- Data Exposure: Successful exploitation could give unauthorized access to sensitive customer data, including personal information and business-related records, damaging the organization's reputation and its compliance with data protection regulations.
- Database Manipulation: Attackers could alter or delete critical records, disrupting business operations and causing data loss that may require significant recovery effort.
- System Compromise: The vulnerability could serve as a foothold for further attacks, letting an attacker escalate privileges within the system, deploy additional payloads, or reach other connected systems.
News Articles
Critical SQL Injection Vulnerability in SuiteCRM (CVE-2024-36412)
Overview: SonicWall Capture Labs threat research team became aware of the threat CVE-2024-36412, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-36412 is a critical...
EPSS Score
92% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- Exploit known to exist
- First article discovered by SonicWall
- Vulnerability published