Lucene search
HistoryMar 11, 2011 - 5:55 p.m.
CVE-2011-0456
otrs
command injection
vulnerability
cve-2011-0456
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.6%
webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a “command injection vulnerability.”
Affected configurations
Node
otrsotrsRange≤2.3.4
ORotrsotrsMatch1.3.2
ORotrsotrsMatch1.3.3
ORotrsotrsMatch2.0.1
ORotrsotrsMatch2.0.2
ORotrsotrsMatch2.0.3
ORotrsotrsMatch2.0.4
ORotrsotrsMatch2.0.5
ORotrsotrsMatch2.1.1
ORotrsotrsMatch2.1.2
ORotrsotrsMatch2.1.3
ORotrsotrsMatch2.1.4
ORotrsotrsMatch2.1.5
ORotrsotrsMatch2.1.6
ORotrsotrsMatch2.1.7
ORotrsotrsMatch2.1.8
ORotrsotrsMatch2.1.9
ORotrsotrsMatch2.2.1
ORotrsotrsMatch2.2.2
ORotrsotrsMatch2.2.3
ORotrsotrsMatch2.2.4
ORotrsotrsMatch2.2.5
ORotrsotrsMatch2.2.6
ORotrsotrsMatch2.2.7
ORotrsotrsMatch2.2.8
ORotrsotrsMatch2.2.9
ORotrsotrsMatch2.3.1
ORotrsotrsMatch2.3.2
ORotrsotrsMatch2.3.3
Related
nessus
nessus
openSUSE Security Update : otrs (openSUSE-SU-2011:0278-1)
2011-05-05 00:00:00
prion
prion
Command injection
2011-03-11 17:55:00
cvelist
cvelist
CVE-2011-0456
2011-03-11 17:00:00
nvd
nvd
CVE-2011-0456
2011-03-11 17:55:02
jvn
jvn
JVN#73162541: OTRS vulnerable to OS command injection
2011-03-07 00:00:00
openvas
openvas
OTRS < 2.3.5 Command Execution Vulnerability
2011-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2011-0456
2011-03-11 00:00:00
debiancve
debiancve
CVE-2011-0456
2011-03-11 17:55:02
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.6%
Related for CVE-2011-0456