CVE-2008-7283

Опубликовано: 18 мар. 2011

Источник: nvd

CVSS2: 6

EPSS Низкий

Описание

Open Ticket Request System (OTRS) before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*

Версия до 2.2.5 (включая)

cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00135

Низкий

6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2008-7283

ubuntu

больше 14 лет назад

CVE-2008-7283

debian

больше 14 лет назад

Open Ticket Request System (OTRS) before 2.2.6, when customer group su ...

GHSA-vgm4-v633-q73c

github

больше 3 лет назад

EPSS

Процентиль: 34%

0.00135

Низкий

6 Medium

CVSS2

Дефекты

CWE-264