1.9
CVE-2010-4758
- EPSS 0.38%
- Veröffentlicht 18.03.2011 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:25:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.291 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807
http://bugs.otrs.org/show_bug.cgi?id=6302