This vulnerability in Privyr CRM Integration arises from missing authorization checks, which leads to incorrect access control enforcement. This can allow an attacker with limited privileges to perform actions that should require higher authorization, potentially causing integrity and availability impacts. The CVSS 3.1 base score is 5.4, reflecting network attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, no confidentiality impact, but low integrity and low availability impacts.

The vulnerability can lead to unauthorized modification or disruption of the CRM integration functionality, impacting data integrity and availability. Confidentiality is not affected. The medium severity score reflects these limited but meaningful impacts.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or patch links are provided at this time. Until a patch is available, review and tighten access control configurations in the Privyr CRM Integration to mitigate risk.