9 lines
No EOL
596 B
Text
Executable file
9 lines
No EOL
596 B
Text
Executable file
source: http://www.securityfocus.com/bid/20598/info
|
|
|
|
Cerberus Helpdesk is prone to an unauthorized-access vulnerability because the application fails to authenticate users properly, resulting in an improper-access validation. A workaround is available.
|
|
|
|
An attacker can exploit this vulnerability to retrieve other users' arbitrary ticket data. Information obtained can lead to a compromise of other users' confidential information.
|
|
|
|
Version 3.2.1 is affected by this issue; other versions may be vulnerable as well.
|
|
|
|
http://www.example.com/rpc.php?cmd=display_get_requesters&id=[ticket#] |