CVE-2008-7282

Опубликовано: 18 мар. 2011

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain (1) list and (2) write operations on queues, via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*

Версия до 2.2.5 (включая)

cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00196

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2008-7282

ubuntu

больше 14 лет назад

CVE-2008-7282

debian

больше 14 лет назад

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open T ...

GHSA-4v93-238v-585f

github

больше 3 лет назад

EPSS

Процентиль: 42%

0.00196

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264