
CVSS: 9.1 | EPSS: 0% | CPEs: 3 | EXPL: 0

The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via directory traversal.

References:
• https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases/changes_19.2
• https://www.inetsoftware.de/support/news/i-net-clear-reports-security-advisory-2020-apr-06
• https://www.inetsoftware.de/support/news/i-net-helpdesk-sicherheitsankuendigung-2020-apr-06
• https://www.inetsoftware.de/support/news/i-net-pdfc-security-advisory-2020-apr-06

Weakness: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 7.2 | EPSS: 7% | CPEs: 1 | EXPL: 2

Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user.

References:
• https://github.com/Kc57/JitBit_Helpdesk_Auth_Bypass
• https://packetstormsecurity.com/files/144334/JitBit-Helpdesk-9.0.2-Broken-Authentication.html
• https://www.exploit-db.com/exploits/42776
• https://www.trustedsec.com/2017/09/full-disclosure-jitbit-helpdesk-authentication-bypass-0-day

Weakness: CWE-332: Insufficient Entropy in PRNG