Protect Your Sales Data: Critical Vulnerability Discovered in SalesKing CRM

CVECVE-2024-22154
CVSScvssV3_1: 7.5
SourceCVE-2024-22154

Researchers have discovered a vulnerability in SalesKing CRM that could allow unauthorized access to sensitive customer data.

SalesKing is a popular customer relationship management (CRM) tool used by many sales teams to store information on leads, contacts, deals and more. Versions 1.6.15 and below are affected.

The vulnerability, tracked as CVE-2024-22154, has been given a CVSS score of 7.5 due to the data exposure risk. It allows an attacker to access sensitive sales records like customer names, addresses, order details etc without authentication.

Hackers could exploit this vulnerability to steal valuable customer databases containing private contact and financial information. With this data, cyber criminals could perform identity theft, data breaches or disrupt business operations.

All SalesKing CRM users are urged to update to the latest version immediately to patch this security flaw. Administrators should also audit account access and strengthen passwords. Enabling multi-factor authentication provides an extra layer of protection against unauthorized access in case of exploits.

Staying on top of software updates is critical to avoid vulnerabilities like this. Regular security audits and employee training help catch issues early. If you use SalesKing CRM, be sure to apply the latest patch right away to protect your customers’ privacy and your business.

References