CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
60.3%
Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the From line contains UTF-8 characters associated with diacritical marks and an invalid charset, which allows remote attackers to cause a denial of service (duplicate tickets and duplicate auto-responses) by sending a crafted message to a POP3 mailbox.
Vendor | Product | Version | CPE |
---|---|---|---|
otrs | otrs | 2.3.0 | cpe:/a:otrs:otrs:2.3.0:beta4:: |
otrs | otrs | 1.3.0 | cpe:/a:otrs:otrs:1.3.0:beta3:: |
otrs | otrs | 2.0.0 | cpe:/a:otrs:otrs:2.0.0:beta5:: |
otrs | otrs | 1.2.0 | cpe:/a:otrs:otrs:1.2.0:beta1:: |
otrs | otrs | 2.0.0 | cpe:/a:otrs:otrs:2.0.0:beta6:: |
otrs | otrs | cpe:/a:otrs:otrs:::: | |
otrs | otrs | 1.1.1 | cpe:/a:otrs:otrs:1.1.1::: |
otrs | otrs | 2.3.0 | cpe:/a:otrs:otrs:2.3.0:rc1:: |
otrs | otrs | 2.0.5 | cpe:/a:otrs:otrs:2.0.5::: |
otrs | otrs | 2.3.0 | cpe:/a:otrs:otrs:2.3.0:beta2:: |