CVE-2022-45186

An issue was discovered in SuiteCRM 7.12.7. Authenticated users can recover an arbitrary field of a database.

CVSS

No CVSS.

References

Link	Resource
https://docs.suitecrm.com/admin/releases/7.12.x/	Release Notes
https://github.com/Orange-Cyberdefense/CVE-repository/	Exploit Third Party Advisory
https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:salesagility:suitecrm:7.12.7:*:*:*:*:*:*:*

History

15 Apr 2025, 18:33

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:salesagility:suitecrm:7.12.7:::::::*
First Time		Salesagility Salesagility suitecrm
References	~~() https://github.com/Orange-Cyberdefense/CVE-repository/ -~~	() https://github.com/Orange-Cyberdefense/CVE-repository/ - Exploit, Third Party Advisory
References	~~() https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py -~~	() https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py - Exploit
References	~~() https://docs.suitecrm.com/admin/releases/7.12.x/ -~~	() https://docs.suitecrm.com/admin/releases/7.12.x/ - Release Notes

07 Jan 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-07 20:15

Updated : 2025-04-15 18:33

NVD link : CVE-2022-45186

Mitre link : CVE-2022-45186

JSON object : View

Products Affected

salesagility

CWE

NVD-CWE-noinfo