CVE Vulnerabilities

CVE-2024-42995

Published: Aug 16, 2024 | Modified: Apr 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact directly with the Migration administrative module to disable arbitrary modules.

Affected Software

NameVendorStart VersionEnd Version
Vtiger_crmVtiger*8.1.0 (including)

References