Lucene search
Ubuntu.comUB:CVE-2011-1433HistoryMar 18, 2011 - 12:00 a.m.
CVE-2011-1433
2011-03-1800:00:00
ubuntu.com
ubuntu.com
7
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
48.4%
The (1) AgentInterface and (2) CustomerInterface components in Open Ticket
Request System (OTRS) before 3.0.6 place cleartext credentials into the
session data in the database, which makes it easier for context-dependent
attackers to obtain sensitive information by reading the _UserLogin and
_UserPW fields.
Related
nvd
nvd
CVE-2011-1433
2011-03-18 16:55:01
cvelist
cvelist
CVE-2011-1433
2011-03-18 16:00:00
debiancve
debiancve
CVE-2011-1433
2011-03-18 16:55:01
prion
prion
Design/Logic Flaw
2011-03-18 16:55:00
openvas
openvas
Open Ticket Request System (OTRS) Information Disclosure Vulnerability
2011-03-25 00:00:00
cve
cve
CVE-2011-1433
2011-03-18 16:55:01
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
48.4%
Related for UB:CVE-2011-1433