Lucene search

Ubuntu.comUB:CVE-2008-7282

HistoryMar 18, 2011 - 12:00 a.m.

CVE-2008-7282

2011-03-1800:00:00

ubuntu.com

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

EPSS

0.002

Percentile

59.0%

JSON

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket
Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and
CustomerGroupSupport options are enabled, allows remote authenticated users
to bypass intended access restrictions, and perform certain (1) list and
(2) write operations on queues, via unspecified vectors.

References

launchpad.net/bugs/cve/CVE-2008-7282

nvd.nist.gov/vuln/detail/CVE-2008-7282

security-tracker.debian.org/tracker/CVE-2008-7282

www.cve.org/CVERecord?id=CVE-2008-7282

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

EPSS

0.002

Percentile

59.0%

JSON

Related for UB:CVE-2008-7282