CVE-2023-6388

Summary

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through

the vulnerable server. This is possible because the application is vulnerable

to SSRF.

Affected Software

VendorProductVersion RangeStatus
Suite CRMSuite CRM7.14.2affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References