Vulnerabilities > CVE-2023-3037 - Unspecified vulnerability in Helpdezk 1.1.10

CVSS 8.6 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

LOW

Availability impact

LOW

network

low complexity

helpdezk

NVD

Published: 2023-10-04

Updated: 2023-10-05

Summary

Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to access the platform without authentication and retrieve personal data via the jsonGrid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Helpdezk Helpdezk Helpdezk 1.1.10	1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-helpdezk-community