CVE-2023-30082

2023-06-1420:15:09

Google

osv.dev

denial of service

osticket

server

long password

cpu

memory

cve-2023-30082

software

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

JSON

A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory.

CPENameOperatorVersion
osticketeq1.9.12
osticketeq1.10-dpr
osticketeq1.9-rc
osticketeq1.12
osticketeq1.11
osticketeq1.10.3
osticketeq1.10
osticketeq1.9.4-dpr
osticketeq1.14.-rc1
osticketeq1.9.9

Name	Operator	Version
osticket	eq	1.9.12
osticket	eq	1.10-dpr
osticket	eq	1.9-rc
osticket	eq	1.12
osticket	eq	1.11
osticket	eq	1.10.3
osticket	eq	1.10
osticket	eq	1.9.4-dpr
osticket	eq	1.14.-rc1
osticket	eq	1.9.9