Security Bypass in Cerberus Helpdesk Client Support Center
CVE-2006-4539

Currently unrated

Key Information:

Vendor: Cerberus
Status: Cerberus Helpdesk
Vendor: CVE Published:; 5 September 2006

What is CVE-2006-4539?

The Client Support Center in Cerberus Helpdesk versions 3.2 Build 317 and earlier contains a vulnerability that allows remote attackers to bypass security restrictions. By manipulating the ticket parameter, an unauthorized user may gain access to sensitive information, potentially leading to unauthorized actions within the help desk system. The specific files affected are module_company_tickets.php and module_track_tickets.php. This exposure underscores the importance of securing web applications against such attacks.

References

http://forum.cerberusweb.com/showthread.php?t=7671

x_refsource_CONFIRM

http://secunia.com/advisories/21706

third-party-advisoryx_refsource_SECUNIA

http://securitytracker.com/id?1016976

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2006
Vulnerability Reserved
Sep 5, 2006

CVE-2006-4539 Data

JSON