cvedb.io
CVE-2024-53855
LOW · CVSS 1.9
EPSS exploitation probability: 0%
Published 2024-11-27T19:15:33.563 · Last modified 2026-06-17T08:09:25.230

Summary

Centurion ERP (Enterprise Rescource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket, can view the tickets of another organization they are not apart of. Users with following permissions are applicable: 1. `view_ticket_change` permission can view change tickets from organizations they are not apart of. 2. `view_ticket_incident` permission can view incident tickets from organizations they are not apart of. 3. `view_ticket_request` permission can view request tickets from organizations they are not apart of. 4. `view_ticket_problem` permission can view problem tickets from organizations they are not apart of. The access to view t

Affected products

nofusscomputing — centurion_erp

Does this affect you?

Add your gear to cvedb and we'll alert you only when nofusscomputing ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.