[CVEID]

CVE-2021-41596

[PRODUCT]

SuiteCRM

[VERSION]

before 7.10.33 and 7.11.22

[PROBLEM TYPE]

Directory Traversal

[DESCRIPTION]

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal.
An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.

Timeline:

Reported to vendor 11.09.2021
Acknowledged 13.09.2021
Validated 23.09.2021
Fixed 24.09.2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-41596.md

CVE-2021-41596.md

[CVEID]

[PRODUCT]

[VERSION]

[PROBLEM TYPE]

[DESCRIPTION]

Timeline:

Files

CVE-2021-41596.md

Latest commit

History

CVE-2021-41596.md

File metadata and controls

[CVEID]

[PRODUCT]

[VERSION]

[PROBLEM TYPE]

[DESCRIPTION]

Timeline: