Vulnerability Details : CVE-2006-4539
(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Products affected by CVE-2006-4539
- cpe:2.3:a:cerberus:cerberus_helpdesk:3.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-4539
0.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-4539
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-4539
-
http://www.vupen.com/english/advisories/2006/3421
-
http://www.osvdb.org/28317
-
http://forum.cerberusweb.com/showthread.php?t=7671
Patch
-
http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6%3Br2=1.7%3Bf=h
-
http://www.securityfocus.com/bid/19797
-
http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17;r2=1.18;f=h
Patch
-
http://securitytracker.com/id?1016976
-
http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17%3Br2=1.18%3Bf=h
-
http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6;r2=1.7;f=h
Patch
-
http://secunia.com/advisories/21706
Patch;Vendor Advisory
Jump to