CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-3602

The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that authenticated accounts are active, which allows remote authenticated users with inactive accounts to access and modify data, as demonstrated by the Thunderbird plugin.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.7%

CVSS Severity

CVSS v2 Score 5.5

References

Products affected by CVE-2007-3602

Vtiger » Vtiger Crm » Version: 1.0

cpe:2.3:a:vtiger:vtiger_crm:1.0
Vtiger » Vtiger Crm » Version: 2.0

cpe:2.3:a:vtiger:vtiger_crm:2.0
Vtiger » Vtiger Crm » Version: 2.0.1

cpe:2.3:a:vtiger:vtiger_crm:2.0.1
Vtiger » Vtiger Crm » Version: 2.1

cpe:2.3:a:vtiger:vtiger_crm:2.1
Vtiger » Vtiger Crm » Version: 3.0

cpe:2.3:a:vtiger:vtiger_crm:3.0
Vtiger » Vtiger Crm » Version: 3.2

cpe:2.3:a:vtiger:vtiger_crm:3.2
Vtiger » Vtiger Crm » Version: 4

cpe:2.3:a:vtiger:vtiger_crm:4
Vtiger » Vtiger Crm » Version: 4.0

cpe:2.3:a:vtiger:vtiger_crm:4.0
Vtiger » Vtiger Crm » Version: 4.0.1

cpe:2.3:a:vtiger:vtiger_crm:4.0.1
Vtiger » Vtiger Crm » Version: 4.2

cpe:2.3:a:vtiger:vtiger_crm:4.2
Vtiger » Vtiger Crm » Version: 4.2.4

cpe:2.3:a:vtiger:vtiger_crm:4.2.4
Vtiger » Vtiger Crm » Version: 5

cpe:2.3:a:vtiger:vtiger_crm:5
Vtiger » Vtiger Crm » Version: 5.0

cpe:2.3:a:vtiger:vtiger_crm:5.0
Vtiger » Vtiger Crm » Version: 5.0.0

cpe:2.3:a:vtiger:vtiger_crm:5.0.0
Vtiger » Vtiger Crm » Version: 5.0.1

cpe:2.3:a:vtiger:vtiger_crm:5.0.1
Vtiger » Vtiger Crm » Version: 5.0.2

cpe:2.3:a:vtiger:vtiger_crm:5.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-3602

Products

Pricing

Contact Us