Vtiger CRM 'graph.php ' Script Authentication Bypass Vulnerability Network Vulnerability

Summary

vtiger CRM is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication process, download the database backup and modify configurations settings. vtiger CRM 5.2.1 is vulnerable other versions may also be affected.

Solution

Vendor updates are available. Please see the references for details.

References

http://www.securityfocus.com/bid/51192
http://www.vtiger.com/

Updated on 2017-03-28

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ALCASAR Remote Code Execution Vulnerability
Baby Gekko CMS Multiple Vulnerabilities
Avenger's News System Command Execution
Admbook PHP Code Injection Flaw
Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability

vtiger CRM 'graph.php ' Script Authentication Bypass Vulnerability

Take action and discover your vulnerabilities