Vulnerability Details CVE-2008-6440
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/30344
- http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/
- http://www.securityfocus.com/bid/29335
- http://secunia.com/advisories/30344
- http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/
- http://www.securityfocus.com/bid/29335
Products affected by CVE-2008-6440
-
cpe:2.3:a:cerberus:cerberus_helpdesk:2.5
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:*
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:0.97.3
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.0
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.1
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.2
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.3
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.4
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.6.1
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.649
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.7
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:2.7.1
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:3.2
-
cpe:2.3:a:webgroupmedia:cerberus_helpdesk:3.2.1