Home

Description

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

PUBLISHED Reserved 2024-05-27 | Published 2024-06-10 | Updated 2025-02-13 | Assigner GitHub_M




HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

CWE-779: Logging of Excessive Data

Product status

< 7.14.4
affected

>= 8.0.0, < 8.6.1
affected

References

github.com/...iteCRM/security/advisories/GHSA-jrpp-22g3-2j77

docs.suitecrm.com/admin/releases/7.14.x/

github.com/kva55/CVE-2024-36416

cve.org (CVE-2024-36416)

nvd.nist.gov (CVE-2024-36416)

Download JSON