cpe:/a:sugarcrm:sugarcrm:9.0.0::~~enterprise~~~ CVE-2019-17315 2019-10-07T11:15:10.873-04:00 2019-10-09T15:32:54.523-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2019-10-09T13:44:02.257-04:00 MISC https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-042/ SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.