CVE-2005-3502
Published Nov 5, 2005
Last updated 8 years ago
Overview
- Description
- attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BDBB3C1-CFEE-47DC-8B58-CF090A8A4159"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "202D6E9A-BB68-4C89-866A-F6E8923D0BB3"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16DEA7DE-74BE-4AB4-8885-78E19DDDC065"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33548E68-283F-4FA9-B00A-A9B145A97443"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "517B2EEE-9680-4EE6-B0AC-BFAF275D31C8"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C6F44C4-A739-455A-BCAB-31D451617E8F"
},
{
"criteria": "cpe:2.3:a:cerberus:cerberus_helpdesk:2.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "566189CD-143C-4442-9BB9-CCBAE58E1E70"
}
],
"operator": "OR"
}
]
}
]