CVE-2008-6440

high

Description

Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.

References

http://www.securityfocus.com/bid/29335

http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/

http://secunia.com/advisories/30344

Details

Source: Mitre, NVD

Published: 2009-03-06

Updated: 2009-03-10

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

Detections

Analytics