CNNVD-202508-642 Information

CNNVD ID

CNNVD-202508-642

Related CVE

CVE-2025-54786

• CNNVD Published: 2025-08-07

Description (Chinese)

SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.14.6和8.8.0版本存在访问控制错误漏洞，该漏洞源于遗留iCal服务身份验证缺陷，可能导致未授权访问会议数据。

Description (English)

SuiteCRM is a customer relationship management system for the SuiteCRM team. Releases 7.14.6 and 8.8.0 of SuiteCRM contain access control errors that stem from the legacy of iCal service authentication deficiencies, which may lead to unauthorized access to meeting data.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

SuiteCRM

Published

2025-08-07

Last Modified

2026-02-24

References

https://docs.suitecrm.com/8.x/admin/releases/8.8 https://github.com/SuiteCRM/SuiteCRM-Core/security/advisories/GHSA-rf2v-4mv3-qcgm

Patch

https://github.com/SuiteCRM/SuiteCRM-Core/releases