Lucene search
Ubuntu.comUB:CVE-2008-7277HistoryMar 18, 2011 - 12:00 a.m.
CVE-2008-7277
2011-03-1800:00:00
ubuntu.com
ubuntu.com
3
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.4%
Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw
permission, instead of the configured merge permission, during
authorization of merge operations, which might allow remote authenticated
users to bypass intended access restrictions by merging two tickets.
Related
nvd
nvd
CVE-2008-7277
2011-03-18 16:55:01
cvelist
cvelist
CVE-2008-7277
2022-10-03 16:13:53
cve
cve
CVE-2008-7277
2022-10-03 16:13:53
openvas
openvas
OTRS < 2.3.0-beta4 Merge Operations Restriction Bypass Vulnerability
2013-09-20 00:00:00
debiancve
debiancve
CVE-2008-7277
2022-10-03 16:13:53
prion
prion
Design/Logic Flaw
2011-03-18 16:55:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.4%
Related for UB:CVE-2008-7277