Lucene search
HistoryDec 19, 2014 - 3:59 p.m.
CVE-2014-9324
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.004
Percentile
74.4%
The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.
Affected configurations
Node
otrsotrs_help_deskMatch3.2.0
ORotrsotrs_help_deskMatch3.2.1
ORotrsotrs_help_deskMatch3.2.2
ORotrsotrs_help_deskMatch3.2.3
ORotrsotrs_help_deskMatch3.2.4
ORotrsotrs_help_deskMatch3.2.5
ORotrsotrs_help_deskMatch3.2.6
ORotrsotrs_help_deskMatch3.2.7
ORotrsotrs_help_deskMatch3.2.8
ORotrsotrs_help_deskMatch3.2.9
ORotrsotrs_help_deskMatch3.2.10
ORotrsotrs_help_deskMatch3.2.11
ORotrsotrs_help_deskMatch3.2.12
ORotrsotrs_help_deskMatch3.2.13
ORotrsotrs_help_deskMatch3.2.14
ORotrsotrs_help_deskMatch3.2.15
ORotrsotrs_help_deskMatch3.2.16
ORotrsotrs_help_deskMatch3.3.0
ORotrsotrs_help_deskMatch3.3.1
ORotrsotrs_help_deskMatch3.3.2
ORotrsotrs_help_deskMatch3.3.3
ORotrsotrs_help_deskMatch3.3.4
ORotrsotrs_help_deskMatch3.3.5
ORotrsotrs_help_deskMatch3.3.6
ORotrsotrs_help_deskMatch3.3.7
ORotrsotrs_help_deskMatch3.3.8
ORotrsotrs_help_deskMatch3.3.9
ORotrsotrs_help_deskMatch3.3.10
ORotrsotrs_help_deskMatch4.0.0
ORotrsotrs_help_deskMatch4.0.1
ORotrsotrs_help_deskMatch4.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| otrs | otrs_help_desk | 3.2.0 | cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.1 | cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.2 | cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.3 | cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.4 | cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.5 | cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.6 | cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.7 | cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.8 | cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:* |
| otrs | otrs_help_desk | 3.2.9 | cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:* |
Related
nessus
nessus
Debian DSA-3124-1 : otrs2 - security update
2015-01-12 00:00:00
FreeBSD : otrs -- Incomplete Access Control (0c5cf7c4-856e-11e4-a089-60a44c524f57)
2014-12-17 00:00:00
Mandriva Linux Security Advisory : otrs (MDVSA-2015:043)
2015-02-11 00:00:00
freebsd
freebsd
otrs -- Incomplete Access Control
2014-12-16 00:00:00
osv
osv
otrs2 - security update
2015-01-10 00:00:00
otrs-3.3.16-37.1 on GA media
2024-06-15 00:00:00
cvelist
cvelist
CVE-2014-9324
2014-12-19 15:00:00
openvas
openvas
OTRS Help Desk Privilege Escalation Vulnerability (Dec 2014)
2014-12-24 00:00:00
Mageia: Security Advisory (MGASA-2015-0031)
2022-01-28 00:00:00
Debian Security Advisory DSA 3124-1 (otrs2 - security update)
2015-01-10 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-19 00:00:00
debiancve
debiancve
CVE-2014-9324
2014-12-19 15:59:18
ubuntucve
ubuntucve
CVE-2014-9324
2014-12-19 00:00:00
prion
prion
Design/Logic Flaw
2014-12-19 15:59:00
debian
debian
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-10 12:40:49
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-10 12:40:49
mageia
mageia
Updated otrs package fixes CVE-2014-9324
2015-01-20 17:57:33
cve
cve
CVE-2014-9324
2014-12-19 15:59:18
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.004
Percentile
74.4%
Related for NVD:CVE-2014-9324