VYPR
Unrated severityNVD Advisory· Published Jul 1, 2020· Updated Aug 4, 2024

CVE-2020-2500

CVE-2020-2500

Description

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, and already fixed the issue in Helpdesk 3.0.1 and later versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Viart/Helpdeskllm-fuzzy
    Range: <3.0.1
  • QNAP Systems Inc./Helpdeskv5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.