Lucene search
Japan Vulnerability NotesJVN:73162541HistoryMar 07, 2011 - 12:00 a.m.
JVN#73162541: OTRS vulnerable to OS command injection
2011-03-0700:00:00
Japan Vulnerability Notes
jvn.jp
17
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.6%
OTRS provided by the OTRS Project is a ticket management system. OTRS contains an OS command injection vulnerability.
Impact
An arbitrary OS command may be executed with the privileges of OTRS on the server where it is installed.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- OTRS 2.3.4 and earlier
Related
cve
cve
CVE-2011-0456
2011-03-11 17:55:02
nvd
nvd
CVE-2011-0456
2011-03-11 17:55:02
nessus
nessus
openSUSE Security Update : otrs (openSUSE-SU-2011:0278-1)
2011-05-05 00:00:00
prion
prion
Command injection
2011-03-11 17:55:00
cvelist
cvelist
CVE-2011-0456
2011-03-11 17:00:00
openvas
openvas
OTRS < 2.3.5 Command Execution Vulnerability
2011-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2011-0456
2011-03-11 00:00:00
debiancve
debiancve
CVE-2011-0456
2011-03-11 17:55:02
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.6%
Related for JVN:73162541