Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-4759
otrs
cve-2010-4759
denial of service
fulltext search
security vulnerability
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.1%
Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service (daemon hang) via a fulltext search.
Affected configurations
Node
otrsotrsRange≤3.0.0beta6
ORotrsotrsMatch0.5beta1
ORotrsotrsMatch0.5beta2
ORotrsotrsMatch0.5beta3
ORotrsotrsMatch0.5beta4
ORotrsotrsMatch0.5beta5
ORotrsotrsMatch0.5beta6
ORotrsotrsMatch0.5beta7
ORotrsotrsMatch0.5beta8
ORotrsotrsMatch1.0rc1
ORotrsotrsMatch1.0rc2
ORotrsotrsMatch1.0rc3
ORotrsotrsMatch1.0.0
ORotrsotrsMatch1.0.1
ORotrsotrsMatch1.0.2
ORotrsotrsMatch1.1rc1
ORotrsotrsMatch1.1.0rc1
ORotrsotrsMatch1.1.0rc2
ORotrsotrsMatch1.1.1
ORotrsotrsMatch1.1.2
ORotrsotrsMatch1.1.3
ORotrsotrsMatch1.1.4
ORotrsotrsMatch1.2.0beta1
ORotrsotrsMatch1.2.0beta2
ORotrsotrsMatch1.2.0beta3
ORotrsotrsMatch1.2.1
ORotrsotrsMatch1.2.2
ORotrsotrsMatch1.2.3
ORotrsotrsMatch1.2.4
ORotrsotrsMatch1.3.0beta1
ORotrsotrsMatch1.3.0beta2
ORotrsotrsMatch1.3.0beta3
ORotrsotrsMatch1.3.0beta4
ORotrsotrsMatch1.3.1
ORotrsotrsMatch1.3.2
ORotrsotrsMatch1.3.3
ORotrsotrsMatch2.0.0
ORotrsotrsMatch2.0.0beta1
ORotrsotrsMatch2.0.0beta2
ORotrsotrsMatch2.0.0beta4
ORotrsotrsMatch2.0.0beta5
ORotrsotrsMatch2.0.0beta6
ORotrsotrsMatch2.0.1
ORotrsotrsMatch2.0.2
ORotrsotrsMatch2.0.3
ORotrsotrsMatch2.0.4
ORotrsotrsMatch2.0.5
ORotrsotrsMatch2.1.0beta1
ORotrsotrsMatch2.1.0beta2
ORotrsotrsMatch2.1.1
ORotrsotrsMatch2.1.2
ORotrsotrsMatch2.1.3
ORotrsotrsMatch2.1.4
ORotrsotrsMatch2.1.5
ORotrsotrsMatch2.1.6
ORotrsotrsMatch2.1.7
ORotrsotrsMatch2.1.8
ORotrsotrsMatch2.1.9
ORotrsotrsMatch2.2.0beta1
ORotrsotrsMatch2.2.0beta2
ORotrsotrsMatch2.2.0beta3
ORotrsotrsMatch2.2.0beta4
ORotrsotrsMatch2.2.0rc1
ORotrsotrsMatch2.2.1
ORotrsotrsMatch2.2.2
ORotrsotrsMatch2.2.3
ORotrsotrsMatch2.2.4
ORotrsotrsMatch2.2.5
ORotrsotrsMatch2.2.6
ORotrsotrsMatch2.2.7
ORotrsotrsMatch2.2.8
ORotrsotrsMatch2.2.9
ORotrsotrsMatch2.3.0beta1
ORotrsotrsMatch2.3.0beta2
ORotrsotrsMatch2.3.0beta3
ORotrsotrsMatch2.3.0beta4
ORotrsotrsMatch2.3.0rc1
ORotrsotrsMatch2.3.1
ORotrsotrsMatch2.3.2
ORotrsotrsMatch2.3.3
ORotrsotrsMatch2.3.4
ORotrsotrsMatch2.3.5
ORotrsotrsMatch2.3.6
ORotrsotrsMatch2.4.0beta1
ORotrsotrsMatch2.4.0beta2
ORotrsotrsMatch2.4.0beta3
ORotrsotrsMatch2.4.0beta4
ORotrsotrsMatch2.4.0beta5
ORotrsotrsMatch2.4.0beta6
ORotrsotrsMatch2.4.1
ORotrsotrsMatch2.4.2
ORotrsotrsMatch2.4.3
ORotrsotrsMatch2.4.4
ORotrsotrsMatch2.4.5
ORotrsotrsMatch2.4.6
ORotrsotrsMatch2.4.7
ORotrsotrsMatch2.4.8
ORotrsotrsMatch2.4.9
ORotrsotrsMatch2.4.10
ORotrsotrsMatch3.0.0beta1
ORotrsotrsMatch3.0.0beta2
ORotrsotrsMatch3.0.0beta3
ORotrsotrsMatch3.0.0beta4
ORotrsotrsMatch3.0.0beta5
Related
debiancve
debiancve
CVE-2010-4759
2022-10-03 16:21:05
openvas
openvas
OTRS < 3.0.0-beta7 Ticket Age Remote DoS Vulnerability
2013-09-21 00:00:00
nvd
nvd
CVE-2010-4759
2011-03-18 16:55:01
cvelist
cvelist
CVE-2010-4759
2022-10-03 16:21:05
prion
prion
Open redirect
2011-03-18 16:55:00
ubuntucve
ubuntucve
CVE-2010-4759
2011-03-18 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.1%
Related for CVE-2010-4759