Support Incident Tracker Blank Password Authentication Bypass Vulnerability Network Vulnerability

Summary

Support Incident Tracker (SiT!) is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to gain unauthorized access to the affected application. Versions prior to Support Incident Tracker (SiT!) 3.51 are vulnerable.

Solution

The vendor has released an update. Please see the references for more information.

References

http://sitracker.org/wiki/ReleaseNotes351
http://sitracker.sourceforge.net
http://www.securityfocus.com/bid/37949

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1596

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
7Media Web Solutions EduTrac Directory Traversal Vulnerability
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
Apache Web Server ETag Header Information Disclosure Weakness
Apache Tomcat SecurityConstraints Security Bypass Vulnerability

Take action and discover your vulnerabilities