CNNVD-202511-862 Information
CNNVD ID
CNNVD-202511-862
Related CVE
- CNNVD Published: 2025-11-08
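Description (translated from Chinese)
SuiteCRM is a customer relationship management system developed by the SuiteCRM team. SuiteCRM 7.14.7 and earlier versions and versions 8.0.0-beta.1 through 8.9.0 contain a security vulnerability that stems from user sessions not being invalidated when an account is deactivated, which may lead to privilege escalation.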
Description (English)
SuiteCRM is a customer relationship management system developed by the SuiteCRM team. SuiteCRM 7.14.7 and earlier versions and versions 8.0.0-beta.1 through 8.9.0 contain a security vulnerability: a user's session is not invalidated when the account is deactivated, which could lead to privilege escalation.
Hazard Level
Medium
Vulnerability Type
Other
Affected Vendor
SuiteCRM
Published
2025-11-08
Last Modified
2026-02-24
References
https://github.com/SuiteCRM/SuiteCRM-Core/commit/30277cfe69755f7360a23d4805e06a5c38f14131
https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-j6jg-9jj3-q2ph
https://github.com/SuiteCRM/SuiteCRM/commit/40da2845a170832a4e9e9fa0ebe731f8c34de42d
https://access.redhat.com/security/cve/cve-2025-64489
Patch
https://suitecrm.com/download/