Security Advisory

CVE-2006-5428

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-10-20 17:00:00

Last updated 2024-08-07 19:48:30

Assigner mitre

State PUBLISHED

Description

rpc.php in Cerberus Helpdesk 3.2.1 does not verify a clients privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.

← Browse all CVEs View on cve.org ↗