CVE-2007-6222

CVE-2007-6222 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information.

Learn more about our Crm Penetration Testing.