High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2024-58258
High
Low
Medium
High
Critical
7.2
CVSS Score
Published: Jul 13, 2025
Last Modified: Nov 03, 2025
Vulnerability Description
SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
C
Confidentiality
L
Integrity
L
Availability
N
Severity Details
7.2
out of 10.0
High
Key Information
- Published Date
- July 13, 2025
