Vulnerability Details CVE-2021-28024
Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-28024
-
cpe:2.3:a:servicetonic:servicetonic:6.0
-
cpe:2.3:a:servicetonic:servicetonic:6.0.16407
-
cpe:2.3:a:servicetonic:servicetonic:6.0.16662
-
cpe:2.3:a:servicetonic:servicetonic:6.0.16976
-
cpe:2.3:a:servicetonic:servicetonic:6.0.17592
-
cpe:2.3:a:servicetonic:servicetonic:6.0.18181
-
cpe:2.3:a:servicetonic:servicetonic:6.0.20908
-
cpe:2.3:a:servicetonic:servicetonic:6.0.21568
-
cpe:2.3:a:servicetonic:servicetonic:6.0.22070
-
cpe:2.3:a:servicetonic:servicetonic:7.0.22707
-
cpe:2.3:a:servicetonic:servicetonic:7.0.23208
-
cpe:2.3:a:servicetonic:servicetonic:7.0.23699
-
cpe:2.3:a:servicetonic:servicetonic:8.0.00000
-
cpe:2.3:a:servicetonic:servicetonic:8.0.031248
-
cpe:2.3:a:servicetonic:servicetonic:8.0.031610
-
cpe:2.3:a:servicetonic:servicetonic:8.0.24535
-
cpe:2.3:a:servicetonic:servicetonic:8.0.27024
-
cpe:2.3:a:servicetonic:servicetonic:8.0.27608
-
cpe:2.3:a:servicetonic:servicetonic:8.0.28350
-
cpe:2.3:a:servicetonic:servicetonic:8.0.28646
-
cpe:2.3:a:servicetonic:servicetonic:8.0.29214
-
cpe:2.3:a:servicetonic:servicetonic:8.0.29632
-
cpe:2.3:a:servicetonic:servicetonic:8.0.30392
-
cpe:2.3:a:servicetonic:servicetonic:8.0.30750
-
cpe:2.3:a:servicetonic:servicetonic:8.0.32429
-
cpe:2.3:a:servicetonic:servicetonic:8.0.33075
-
cpe:2.3:a:servicetonic:servicetonic:8.0.33692
-
cpe:2.3:a:servicetonic:servicetonic:9.0.00000
-
cpe:2.3:a:servicetonic:servicetonic:9.0.034565