Описание
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3 (включая)
Одно из
cpe:2.3:a:cerberus:cerberus_helpdesk:2.5:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:*:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:0.97.3:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.0:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.1:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.2:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.3:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.4:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.7:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.7.1:development_release:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.649:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:3.2:*:*:*:*:*:*:*
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:3.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00282
Низкий
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
EPSS
Процентиль: 51%
0.00282
Низкий
5 Medium
CVSS2
Дефекты
CWE-287