CVE-2006-5428

rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cerberus:cerberus_helpdesk:3.2.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-10-20 17:07

Updated : 2024-02-04 17:13


NVD link : CVE-2006-5428

Mitre link : CVE-2006-5428

CVE.ORG link : CVE-2006-5428


JSON object : View

Products Affected

cerberus

  • cerberus_helpdesk