Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4761

Опубликовано: 18 мар. 2011
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:otrs:otrs:*:beta2:*:*:*:*:*:*
Версия до 3.0.0 (включая)
cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.0:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.0:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:3.0.0:beta1:*:*:*:*:*:*

EPSS

Процентиль: 40%
0.00176
Низкий

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2010-4761

ubuntu
больше 14 лет назад

The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.

debian логотип

CVE-2010-4761

debian
больше 14 лет назад

The customer-interface ticket-print dialog in Open Ticket Request Syst ...

github логотип

GHSA-23mc-xgfq-qhjf

github
около 3 лет назад

The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.

EPSS

Процентиль: 40%
0.00176
Низкий

4 Medium

CVSS2

Дефекты

CWE-264