Intrusion Prevention

SugarCRM.Information.Disclosure

Description

This indicates an attack attempt against an information disclosure vulnerability in SugarCRM.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to obtain sensitive information.

Affected Products

SugarCRM SugarCRM 5.2 j
SugarCRM SugarCRM 5.2 i
SugarCRM SugarCRM 5.2 h
SugarCRM SugarCRM 5.2 g
SugarCRM SugarCRM 5.2 e
SugarCRM SugarCRM 5.0 m
SugarCRM SugarCRM 5.0 l
SugarCRM SugarCRM 5.0 k
SugarCRM SugarCRM 6.1.1
SugarCRM SugarCRM 5.5.0a
SugarCRM SugarCRM 5.5.0.RC4
SugarCRM SugarCRM 5.5.0.RC2
SugarCRM SugarCRM 5.2.0l
SugarCRM SugarCRM 5.2.0k
SugarCRM SugarCRM 5.2.0j

Impact

Information Disclosure.

Recommended Actions

Upgrade to the latest version, available from the vendor.
http://www.sugarcrm.com/crm/

CVE References

CVE-2011-0745