CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39198

OroCRM is an open source Client Relationship Management (CRM) application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this vulnerability and all users are advised to update their package.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.6%

CVSS Severity

CVSS v3 Score 4.2

CVSS v2 Score 5.8

References

Products affected by CVE-2021-39198

Oroinc » Client Relationship Management » Version: 3.1.0

cpe:2.3:a:oroinc:client_relationship_management:3.1.0
Oroinc » Client Relationship Management » Version: 3.1.1

cpe:2.3:a:oroinc:client_relationship_management:3.1.1
Oroinc » Client Relationship Management » Version: 3.1.10

cpe:2.3:a:oroinc:client_relationship_management:3.1.10
Oroinc » Client Relationship Management » Version: 3.1.11

cpe:2.3:a:oroinc:client_relationship_management:3.1.11
Oroinc » Client Relationship Management » Version: 3.1.12

cpe:2.3:a:oroinc:client_relationship_management:3.1.12
Oroinc » Client Relationship Management » Version: 3.1.13

cpe:2.3:a:oroinc:client_relationship_management:3.1.13
Oroinc » Client Relationship Management » Version: 3.1.14

cpe:2.3:a:oroinc:client_relationship_management:3.1.14
Oroinc » Client Relationship Management » Version: 3.1.15

cpe:2.3:a:oroinc:client_relationship_management:3.1.15
Oroinc » Client Relationship Management » Version: 3.1.16

cpe:2.3:a:oroinc:client_relationship_management:3.1.16
Oroinc » Client Relationship Management » Version: 3.1.17

cpe:2.3:a:oroinc:client_relationship_management:3.1.17
Oroinc » Client Relationship Management » Version: 3.1.2

cpe:2.3:a:oroinc:client_relationship_management:3.1.2
Oroinc » Client Relationship Management » Version: 3.1.24

cpe:2.3:a:oroinc:client_relationship_management:3.1.24
Oroinc » Client Relationship Management » Version: 3.1.3

cpe:2.3:a:oroinc:client_relationship_management:3.1.3
Oroinc » Client Relationship Management » Version: 3.1.4

cpe:2.3:a:oroinc:client_relationship_management:3.1.4
Oroinc » Client Relationship Management » Version: 3.1.5

cpe:2.3:a:oroinc:client_relationship_management:3.1.5
Oroinc » Client Relationship Management » Version: 3.1.6

cpe:2.3:a:oroinc:client_relationship_management:3.1.6
Oroinc » Client Relationship Management » Version: 3.1.7

cpe:2.3:a:oroinc:client_relationship_management:3.1.7
Oroinc » Client Relationship Management » Version: 3.1.8

cpe:2.3:a:oroinc:client_relationship_management:3.1.8
Oroinc » Client Relationship Management » Version: 3.1.9

cpe:2.3:a:oroinc:client_relationship_management:3.1.9
Oroinc » Client Relationship Management » Version: 4.1.0

cpe:2.3:a:oroinc:client_relationship_management:4.1.0
Oroinc » Client Relationship Management » Version: 4.1.1

cpe:2.3:a:oroinc:client_relationship_management:4.1.1
Oroinc » Client Relationship Management » Version: 4.1.10

cpe:2.3:a:oroinc:client_relationship_management:4.1.10
Oroinc » Client Relationship Management » Version: 4.1.11

cpe:2.3:a:oroinc:client_relationship_management:4.1.11
Oroinc » Client Relationship Management » Version: 4.1.12

cpe:2.3:a:oroinc:client_relationship_management:4.1.12
Oroinc » Client Relationship Management » Version: 4.1.13

cpe:2.3:a:oroinc:client_relationship_management:4.1.13
Oroinc » Client Relationship Management » Version: 4.1.15

cpe:2.3:a:oroinc:client_relationship_management:4.1.15
Oroinc » Client Relationship Management » Version: 4.1.2

cpe:2.3:a:oroinc:client_relationship_management:4.1.2
Oroinc » Client Relationship Management » Version: 4.1.3

cpe:2.3:a:oroinc:client_relationship_management:4.1.3
Oroinc » Client Relationship Management » Version: 4.1.4

cpe:2.3:a:oroinc:client_relationship_management:4.1.4
Oroinc » Client Relationship Management » Version: 4.1.5

cpe:2.3:a:oroinc:client_relationship_management:4.1.5
Oroinc » Client Relationship Management » Version: 4.1.6

cpe:2.3:a:oroinc:client_relationship_management:4.1.6
Oroinc » Client Relationship Management » Version: 4.1.7

cpe:2.3:a:oroinc:client_relationship_management:4.1.7
Oroinc » Client Relationship Management » Version: 4.1.8

cpe:2.3:a:oroinc:client_relationship_management:4.1.8
Oroinc » Client Relationship Management » Version: 4.1.9

cpe:2.3:a:oroinc:client_relationship_management:4.1.9
Oroinc » Client Relationship Management » Version: 4.2.0

cpe:2.3:a:oroinc:client_relationship_management:4.2.0
Oroinc » Client Relationship Management » Version: 4.2.1

cpe:2.3:a:oroinc:client_relationship_management:4.2.1
Oroinc » Client Relationship Management » Version: 4.2.2

cpe:2.3:a:oroinc:client_relationship_management:4.2.2
Oroinc » Client Relationship Management » Version: 4.2.3

cpe:2.3:a:oroinc:client_relationship_management:4.2.3
Oroinc » Client Relationship Management » Version: 4.2.4

cpe:2.3:a:oroinc:client_relationship_management:4.2.4
Oroinc » Client Relationship Management » Version: 4.2.5

cpe:2.3:a:oroinc:client_relationship_management:4.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39198

Products

Pricing

Contact Us