Security Bulletins and Advisories¶
This section contains important information regarding security vulnerabilities that could affect specific versions of Lime CRM. Use this information to take the corrective actions prescribed. In our effort to serve you better, you can also register to receive email notifications for future advisories.
Contact our support team at [email protected] to notify us of a security issue.
Priority and severity ratings¶
This is a guideline to help our customers prioritize updates and to assess the security impact of known software vulnerabilities.
Priority ratings¶
The definitions of the priority ratings are:
| Priority | Definition |
|---|---|
| 1 | This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Lime recommends administrators install the update as soon as possible. (for example, within 72 hours). |
| 2 | This update resolves vulnerabilities in a product that could be at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Lime recommends administrators install the update soon (for example, within 30 days). |
| 3 | This update resolves vulnerabilities in a product that has historically not been a target for attackers. Lime recommends administrators install the update at their discretion. |
Severity ratings¶
The definitions of the severity ratings are:
| Severity | Definition |
|---|---|
| Critical | A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without administrators being aware. |
| Important | A vulnerability, which, if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources. |
| Moderate | A vulnerability that is limited to a significant degree by factors such as default configuration, auditing, or is difficult to exploit. |