Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4758HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-4758
2022-10-0316:21:06
Debian Security Bug Tracker
security-tracker.debian.org
8
otrs
weak password
installer.pl
unix
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
17.9%
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 3.0.8+dfsg1-1 | otrs2_3.0.8+dfsg1-1_all.deb |
Related
prion
prion
Input validation
2011-03-18 16:55:00
nvd
nvd
CVE-2010-4758
2011-03-18 16:55:01
openvas
openvas
OTRS < 3.0.3 installer.pl Password Disclosure Vulnerability
2013-09-21 00:00:00
cve
cve
CVE-2010-4758
2022-10-03 16:21:06
cvelist
cvelist
CVE-2010-4758
2022-10-03 16:21:06
ubuntucve
ubuntucve
CVE-2010-4758
2011-03-18 00:00:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
17.9%
Related for DEBIANCVE:CVE-2010-4758