CVE-2023-6124 MEDIUM

CVE-2023-6124: Server-Side Request Forgery (SSRF) in salesagility/suitecrm

Vendor Salesagility
Product salesagility/suitecrm
Weakness CWE-918 · SSRF
Published November 14, 2023
Last update September 3, 2024
View on NVD All CVEs

CVSS base score

5.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.

Key dates

02Disclosure timeline

November 14, 2023 CVE published
September 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-41552 Server-Side Request Forgery Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer CVE-2023-5572 Server-Side Request Forgery (SSRF) in vriteio/vrite CVE-2025-53457 WordPress SEO Backlink Monitor plugin <= 1.8.0 - Server Side Request Forgery (SSRF) vulnerability CVE-2025-69299 WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability CVE-2024-52602 Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo