Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
security:lcsec18-01 [2018-07-02 13:25]
Martin Berg 		security:lcsec18-01 [2018-12-02 22:09] (current)
Line 1: Line 1:
 ====== Security update for Lime CRM Server ====== ====== Security update for Lime CRM Server ======
   ; Bulletin ID : LCSEC18-01   ; Bulletin ID : LCSEC18-01
-  ; Date published : 2018-07-03+  ; Date published : 2018-07-05
   ; Priority : 2   ; Priority : 2
-  ; Severity : Important+  ; Severity : Critical
      
 Priority and severity ratings are determined as described [[security:ratings|here]]. Priority and severity ratings are determined as described [[security:ratings|here]].
      
 ===== Summary ===== ===== Summary =====
-This security update resolves a vulnerability in Lime CRM Server. The vulnerability could allow remote code execution in Lime CRM Server if an attacker alters the system configuration in a malicious way. However, in all cases an attacker would need access to a user account with  administrator privileges in order to succeed with exploiting the vulnerability+This security update resolves a vulnerability in Lime CRM Server. The vulnerability could allow remote code execution in Lime CRM Server if an attacker alters the system configuration in a malicious way. However, an attacker would need access to a user account with  administrator privileges in order to succeed with exploiting the vulnerability.
- +
-This security update is rated Important for Lime CRM Server on all supported operating systems.+
  
 ===== Affected versions ===== ===== Affected versions =====
 ^ Product  ^ Version  ^ Platform  ^ ^ Product  ^ Version  ^ Platform  ^
-| Lime CRM Server  | 12.25 - 12.42  | All platforms  |+| Lime CRM Server  | 12.25 - 12.41.1.5  | All platforms  |
  
 ===== Solution ===== ===== Solution =====
Line 20: Line 18:
  
 ^ Product  ^ Type  ^ Updated version  ^ Priority rating  ^ Availability  ^ ^ Product  ^ Type  ^ Updated version  ^ Priority rating  ^ Availability  ^
-| Lime CRM Server Product release  12.x.y  | 2  | Download | +| Lime CRM Server Hotfix for any affected version  | 2  | [[https://builds.lundalogik.com/api/v1/builds/lcsec18-01/versions/latest/file/|Download]] 
-| Lime CRM Server Hotfix for all 12.x versions | -  | 2  | Download |+| Lime CRM Server Product release 12.41.2.5  | 2  | [[https://builds.lundalogik.com/api/v1/builds/limecrm-server/versions/12.41.2.5/file/|Download]] |
  
 ===== Vulnerability information ===== ===== Vulnerability information =====
  • Last modified: 7 years ago
  • (external edit)