CVE-2020-8787

EUVD-2020-29635
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
salesagilitysuitecrm
7.10.0 ≤
𝑥
< 7.10.23
salesagilitysuitecrm
7.11.0 ≤
𝑥
< 7.11.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11
https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23
https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11