Security Advisory

CVE-2025-54786

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-06 23:23:00

Last updated 2025-08-07 14:47:54

Assigner GitHub_M

State PUBLISHED

Description

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, the broken authentication in the legacy iCal service allows unauthenticated access to meeting data. An unauthenticated actor can view any users meeting (calendar event) data given their username, related functionality allows user enumeration. This is fixed in versions 7.14.7 and 8.8.1.

← Browse all CVEs View on cve.org ↗