Lucene search
K

4 matches found

NVD
NVD
added 2011/03/18 4:55 p.m.24 views

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

2.1CVSS6.2AI score0.00892EPSS
Exploits1References2
OSV
OSV
added 2011/03/18 4:55 p.m.7 views

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

6.4AI score
Exploits0References2
CVE
CVE
added 2011/03/18 4:0 p.m.55 views

CVE-2009-5056

CVE-2009-5056 affects Open Ticket Request System (OTRS) prior to 2.4.0-beta2. The flaw is an improper enforcement of the queue move_into permission that allows remote authenticated users to bypass access controls and read a ticket by watching it, then selecting it from the watched-tickets list. T...

2.1CVSS6.3AI score0.00892EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2011/03/18 4:0 p.m.18 views

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

2.1CVSS6AI score0.00892EPSS
Exploits1
Rows per page
Query Builder