CVE-2022-45186

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jan 7, 2025

Updated: Jan 8, 2025

Summary

CVE-2022-45186 is a vulnerability affecting SuiteCRM version 7.12.7. This issue grants authenticated users the ability to recover arbitrary fields from the database, posing a significant risk to data confidentiality. Attackers can exploit this vulnerability to access sensitive information, potentially leading to unauthorized access or data breaches. The vulnerability requires user authentication, reducing the attack surface but not entirely eliminating the risk. Patching the affected SuiteCRM installation is the recommended course of action to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SuiteCRM

Affected Vendors

SalesAgility Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/oxD7Rc
https://www.cve.org/CVERecord?id=CVE-2022-45186
https://nvd.nist.gov/vuln/detail/CVE-2022-45186

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners