VTiger CRM Privilege Escalation Vulnerability
CVE-2024-42995

Currently unrated

Key Information:

Vendor

VTiger

Status
Vtiger Crm
Vendor
CVE Published:
16 August 2024

What is CVE-2024-42995?

VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact directly with the "Migration" administrative module to disable arbitrary modules.

References

https://www.shielder.com/advisories/vtiger-migration-bac/

Timeline

  • Vulnerability published

.
CVE-2024-42995 : VTiger CRM Privilege Escalation Vulnerability