CVE-2007-3599 : vtiger CRM before 5.0.3 allows remote authenticated users to import and export t

vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission.

Published 2007-07-06 19:30:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2007-3599

Vtiger » Vtiger Crm
Versions up to, including, (<=) 5.0.2
cpe:2.3:a:vtiger:vtiger_crm:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-3599

EPSS FAQ

0.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 37 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-3599

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.5	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:N	8.0	9.2	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: None

References for CVE-2007-3599

http://osvdb.org/45781
http://trac.vtiger.com/cgi-bin/trac.cgi/report/9

CVEs referencing this url
http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968

Patch

Jump to

Vulnerability Details : CVE-2007-3599

Products affected by CVE-2007-3599

Exploit prediction scoring system (EPSS) score for CVE-2007-3599

CVSS scores for CVE-2007-3599

References for CVE-2007-3599