CVE-2011-0745

SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php.
Severity: UNKNOWN
CVSS vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Attack Vector: NETWORK
Attack Complexity: LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
| Vendor | Product | Version |
|---|---|---|
| sugarcrm | sugarcrm | 𝑥 ≤ 6.1.2 |
| sugarcrm | sugarcrm | 1.0 |
| sugarcrm | sugarcrm | 1.0f |
| sugarcrm | sugarcrm | 1.0g |
| sugarcrm | sugarcrm | 1.1 |
| sugarcrm | sugarcrm | 1.1a |
| sugarcrm | sugarcrm | 1.1b |
| sugarcrm | sugarcrm | 1.1c |
| sugarcrm | sugarcrm | 1.1d |
| sugarcrm | sugarcrm | 1.1e |
| sugarcrm | sugarcrm | 1.1f |
| sugarcrm | sugarcrm | 1.5d |
| sugarcrm | sugarcrm | 2.0.1 |
| sugarcrm | sugarcrm | 2.0.1a |
| sugarcrm | sugarcrm | 2.0.1c |
| sugarcrm | sugarcrm | 3.0.1 |
| sugarcrm | sugarcrm | 3.5 |
| sugarcrm | sugarcrm | 3.5.1 |
| sugarcrm | sugarcrm | 4.0 |
| sugarcrm | sugarcrm | 4.0.1 |
| sugarcrm | sugarcrm | 4.1 |
| sugarcrm | sugarcrm | 4.2 |
| sugarcrm | sugarcrm | 4.2.1 |
| sugarcrm | sugarcrm | 4.5.0 |
| sugarcrm | sugarcrm | 4.5.0f |
| sugarcrm | sugarcrm | 4.5.1 |
| sugarcrm | sugarcrm | 4.5.1 |
| sugarcrm | sugarcrm | 4.5.1i |
| sugarcrm | sugarcrm | 4.5.1o |
| sugarcrm | sugarcrm | 5.0.0 |
| sugarcrm | sugarcrm | 5.0.0 |
| sugarcrm | sugarcrm | 5.0.0 |
| sugarcrm | sugarcrm | 5.0.0h |
| sugarcrm | sugarcrm | 5.0.0k |
| sugarcrm | sugarcrm | 5.1.0 |
| sugarcrm | sugarcrm | 5.1.0-beta |
| sugarcrm | sugarcrm | 5.1c |
| sugarcrm | sugarcrm | 5.1l |
| sugarcrm | sugarcrm | 5.2.0g |
| sugarcrm | sugarcrm | 5.2a |
| sugarcrm | sugarcrm | 5.2c |
| sugarcrm | sugarcrm | 5.2c |
| sugarcrm | sugarcrm | 5.2d |
| sugarcrm | sugarcrm | 5.2d |
| sugarcrm | sugarcrm | 5.2e |
| sugarcrm | sugarcrm | 5.2e |
| sugarcrm | sugarcrm | 5.2f |
| sugarcrm | sugarcrm | 5.2g |
| sugarcrm | sugarcrm | 5.2h |
| sugarcrm | sugarcrm | 5.5 |
| sugarcrm | sugarcrm | 5.5 |
| sugarcrm | sugarcrm | 5.5.0 |
| sugarcrm | sugarcrm | 5.5.1 |
| sugarcrm | sugarcrm | 5.5.2 |
| sugarcrm | sugarcrm | 5.5.3 |
| sugarcrm | sugarcrm | 5.5.4 |
| sugarcrm | sugarcrm | 5.5a |
| sugarcrm | sugarcrm | 6.0 |
| sugarcrm | sugarcrm | 6.0.1 |
| sugarcrm | sugarcrm | 6.0.2 |
| sugarcrm | sugarcrm | 6.0.3 |
| sugarcrm | sugarcrm | 6.1.0 |
| sugarcrm | sugarcrm | 6.1.1 |

𝑥 = Vulnerable software versions
Ubuntu Releases

Ubuntu Product: sugarcrm

| Codename | Status |
|---|---|
| natty | dne |
| maverick | dne |
| lucid | dne |
| karmic | dne |
| hardy | dne |
| dapper | ignored |