Cerberus Helpdesk Rpc.PHP Unauthorized Access Vulnerability

Cerberus Helpdesk is prone to an unauthorized-access vulnerability because the application fails to authenticate users properly, resulting in an improper-access validation. A workaround is available.

An attacker can exploit this vulnerability to retrieve other users' arbitrary ticket data. Information obtained can lead to a compromise of other users' confidential information.

Version 3.2.1 is affected by this issue; other versions may be vulnerable as well.


Privacy Statement
Copyright 2010, SecurityFocus