Cyber Posture

CVE-2022-50589

CriticalPublic PoC

Published: 06 November 2025

Published
06 November 2025
Modified
24 November 2025
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0018 38.9th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may leverage databases to mine valuable information.

Security Summary

CVE-2022-50589 is a SQL injection vulnerability (CWE-89) affecting SuiteCRM versions prior to 7.12.6, specifically within the processing of the 'uid' parameter in the 'export' functionality. Rated at CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it enables attackers to manipulate database queries through unsanitized input.

Remote unauthenticated attackers can exploit this vulnerability by sending crafted requests to the export endpoint, potentially extracting sensitive data or escalating to arbitrary code execution on the server.

Advisories recommend upgrading to SuiteCRM 7.12.6 or later, as detailed in the official release notes, to mitigate the issue by addressing the insecure parameter handling.

Details

CWE(s)
CWE-89

Affected Products

salesagility
suitecrm
≤ 7.12.6

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1213.004 Customer Relationship Management Software Collection
Adversaries may leverage Customer Relationship Management (CRM) software to mine valuable information.
attack.mitre.org →
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
attack.mitre.org →
Why these techniques?

SQL injection in public-facing SuiteCRM (CRM software) enables unauthenticated exploitation of public-facing application (T1190) and arbitrary database queries for data collection from CRM software (T1213.004) and databases (T1213.006).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References