- Vulnerability/
- CVE-2019-17315
CVE-2019-17315
First published: Mon Oct 07 2019(Updated: )
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 | |
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 | |
| Sugarcrm Sugarcrm | >=7.9.0.0<7.9.5.0 | |
| Sugarcrm Sugarcrm | >=8.0.0<8.0.4 | |
| Sugarcrm Sugarcrm | >=9.0.0<9.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this SugarCRM vulnerability?
The vulnerability ID of this SugarCRM vulnerability is CVE-2019-17315.
What is the severity of CVE-2019-17315?
The severity of CVE-2019-17315 is high.
What is the affected version range of SugarCRM?
The affected version range of SugarCRM is between 7.9.0.0 and 7.9.5.0 for Enterprise, between 8.0.0 and 8.0.4 for Enterprise, between 9.0.0 and 9.0.2 for Enterprise, between 7.9.0.0 and 7.9.5.0 for Professional, between 8.0.0 and 8.0.4 for Professional, and between 9.0.0 and 9.0.2 for Professional and Ultimate editions.
What is the vulnerability description of CVE-2019-17315?
CVE-2019-17315 is a vulnerability in SugarCRM before 8.0.4 and 9.x before 9.0.2 that allows PHP object injection in the Administration module by an Admin user.
How can I fix the CVE-2019-17315 vulnerability?
To fix the CVE-2019-17315 vulnerability, you should update SugarCRM to version 8.0.4 or 9.0.2, depending on the edition you are using.
- collector/nvd-index
- vendor/sugarcrm
- product/sugarcrm
- canonical/sugarcrm sugarcrm