CVE-2020-8787

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
salesagilitysuitecrm
7.10.0 ≤
𝑥
< 7.10.23
salesagilitysuitecrm
7.11.0 ≤
𝑥
< 7.11.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11