CVE-2025-54786 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, the broken authenticatio…
Medium CVSS: 5.3

CVE-2025-54786

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, the broken authentication in the legacy iCal service allows unauthenticated access to meeting data. An unauthenticated actor can view any user's meeting (calendar event) data given their username, related functionality allows user enumeration. This is fixed in versions 7.14.7 and 8.8.1.
Vendor
Salesagility
Product
Suitecrm
CWE
CWE-200
Yayın Tarihi
2025-08-07 00:15:32
Güncelleme
2025-08-14 20:14:38
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-200 Suitecrm MEDIUM Salesagility 2025

Referanslar

https://docs.suitecrm.com/8.x/admin/releases/8.8 https://github.com/SuiteCRM/SuiteCRM-Core/security/advisories/GHSA-rf2v-4mv3-qcgm