CVE-2004-1611

Name of the Vulnerable Software and Affected Versions SalesLogix version 6.1

Description The issue allows remote attackers to execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack. Additionally, it could allow attackers to obtain the database password via a GetConnection request to TCP port 1707.

Recommendations For SalesLogix version 6.1, consider implementing authentication verification for sensitive operations to prevent unauthorized access. As a temporary workaround, restrict access to TCP port 1707 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.