CVE-2021-4117

Published: Dec 15, 2021Modified: Jun 17, 2026

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

yetiforcecrm is vulnerable to Business Logic Errors

Affected (1)

Products: Yetiforce: Yetiforce Customer Relationship Management

1 product

Yetiforce Customer Relationship Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Yetiforce Yetiforce Customer Relationship Management	Up to 6.3.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://github.com/yetiforcecompany/yetiforcecrm/commit/8dccd93442725f245b4b71986bbe6f4f48639239

Source: security@huntr.dev

PatchThird Party Advisory

https://huntr.dev/bounties/0b81e572-bdc9-4caf-aa02-81f3c7ad7c0a

Source: security@huntr.dev

ExploitIssue TrackingPatchThird Party Advisory

https://github.com/yetiforcecompany/yetiforcecrm/commit/8dccd93442725f245b4b71986bbe6f4f48639239

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/0b81e572-bdc9-4caf-aa02-81f3c7ad7c0a

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingPatchThird Party Advisory

Timeline

No history available yet.