CVE-2012-4867

PUBLISHED

Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary...

n/a · n/a

Recommended Action

Track for updates. Assess relevance to your asset inventory and enrichment workflows.

Confidence
Exploitation Status
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
CVSS / EPSS

At a Glance

Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter.

Published
Sep 06, 2012
First Seen
CVSS
EPSS

Recommended Actions

  • Track for updates. Assess relevance to your asset inventory and enrichment workflows.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.