Summary
Support Incident Tracker (SiT!) is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized access to the affected application.
Versions prior to Support Incident Tracker (SiT!) 3.51 are vulnerable.
Solution
The vendor has released an update. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-1596 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe JRun Management Console Multiple Vulnerabilities
- A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
- @Mail WebMail Email Body HTML Injection Vulnerability
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
- Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability