Kayako Fusion Database Report Generation Information Disclosure Vulnerability
BID:50894
Info
Kayako Fusion Database Report Generation Information Disclosure Vulnerability
| Bugtraq ID: | 50894 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 02 2011 12:00AM |
| Updated: | Dec 02 2011 12:00AM |
| Credit: | Yuri Goltsev and Alexander Zaitsev of Positive Research Center |
| Vulnerable: |
Kayako Fusion 0 |
| Not Vulnerable: | |
Discussion
Kayako Fusion Database Report Generation Information Disclosure Vulnerability
Kayako Fusion is prone to an information-disclosure vulnerability.
Successful exploits of this issue may allow an attacker to obtain sensitive information, such as username and password hashes.
Kayako Fusion is prone to an information-disclosure vulnerability.
Successful exploits of this issue may allow an attacker to obtain sensitive information, such as username and password hashes.
Exploit / POC
Kayako Fusion Database Report Generation Information Disclosure Vulnerability
Attackers can exploit the issue by using readily available utilities.
Attackers can exploit the issue by using readily available utilities.
Solution / Fix
Kayako Fusion Database Report Generation Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
Kayako Fusion Database Report Generation Information Disclosure Vulnerability
References:
References: