CVE-2019-17310: Code Injection
First published: Mon Oct 07 2019(Updated: )
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 | |
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 | |
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-17310?
CVE-2019-17310 is a vulnerability that allows PHP code injection in the Campaigns module of SugarCRM before 8.0.4 and 9.x before 9.0.2 by an Admin user.
How does CVE-2019-17310 impact SugarCRM?
CVE-2019-17310 has a severity rating of 7.2 (high), and it allows PHP code injection in the Campaigns module, potentially compromising the security of SugarCRM.
Which versions of SugarCRM are affected by CVE-2019-17310?
CVE-2019-17310 affects SugarCRM versions 7.9.0.0 to 7.9.5.0, 8.0.0 to 8.0.4, and 9.0.0 to 9.0.2 (Enterprise, Professional, and Ultimate editions).
How can I fix the CVE-2019-17310 vulnerability in SugarCRM?
To fix the CVE-2019-17310 vulnerability in SugarCRM, it is recommended to upgrade to version 8.0.4 or 9.0.2 (or higher) and follow the recommendations provided by SugarCRM in their security advisory.
Where can I find more information about CVE-2019-17310?
You can find more information about CVE-2019-17310 in the SugarCRM security advisory available at the following link: [https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-037/](https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-037/)
- collector/nvd-index
- vendor/sugarcrm
- product/sugarcrm
- canonical/sugarcrm sugarcrm