CNNVD-202508-718 Information
Aug 07, 2025
cve
CNNVD ID
CNNVD-202508-718
Related CVE
- CNNVD Published: 2025-08-07
Description (Chinese)
SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.14.6版本存在授权问题漏洞,该漏洞源于允许未授权下载上传目录中的文件。
Description (English)
SuiteCRM is a customer relationship management system for the SuiteCRM team. Version 7.14.6 of SuiteCRM has a mandate gap, which stems from allowing unauthorized downloads of documents in the upload directory.
Hazard Level
Critical
Vulnerability Type
授权问题
Affected Vendor
SuiteCRM
Published
2025-08-07
Last Modified
2026-02-24
References
https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_7 https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-8r72-224q-g9fv https://access.redhat.com/security/cve/cve-2025-54787
Patch
https://github.com/SuiteCRM/SuiteCRM-Core/releases
Share on: