CVSS 3.1 Score 9.9 of 10 (high)


Published Feb 20, 2024
CWE ID 434


CVE-2024-1644 is a vulnerability found in Suite CRM version 7.14.2, which allows for the inclusion of local PHP files due to a vulnerability to Local File Inclusion (LFI). This vulnerability poses a high risk to organizations as it can lead to unauthorized access and execution of arbitrary code. The base severity of this vulnerability is rated as critical with a base score of 9.9 out of 10, indicating its potential for significant impact. Organizations using this version of Suite CRM should take immediate action to remediate the vulnerability by updating to a patched version or implementing other mitigations recommended by the software vendor.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1644 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options