Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-7282HistoryMar 18, 2011 - 4:55 p.m.
CVE-2008-7282
2011-03-1816:55:01
Debian Security Bug Tracker
security-tracker.debian.org
13
kernel/output/html
customernewticketqueueselectiongeneric.pm
otrs
access restrictions
remote authenticated users
list operations
write operations
queues
security vulnerability
unix
CVSS2
4.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
0.002
Percentile
59.0%
Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain (1) list and (2) write operations on queues, via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 2.2.6-1 | otrs2_2.2.6-1_all.deb |
Related
nvd
nvd
CVE-2008-7282
2011-03-18 16:55:01
ubuntucve
ubuntucve
CVE-2008-7282
2011-03-18 00:00:00
cve
cve
CVE-2008-7282
2011-03-18 16:55:01
prion
prion
Hardcoded credentials
2011-03-18 16:55:00
cvelist
cvelist
CVE-2008-7282
2011-03-18 16:00:00
CVSS2
4.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
0.002
Percentile
59.0%
Related for DEBIANCVE:CVE-2008-7282