6.5
CVE-2011-2385
- EPSS 1.74%
- Veröffentlicht 19.07.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:14
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in Open Ticket Request System (OTRS) does not properly restrict use of the iPhoneHandle interface, which allows remote authenticated users to gain privileges, and consequently read or modify OTRS core objects, via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Otrs ≫ Iphonehandle Version0.9.1
Otrs ≫ Iphonehandle Version0.9.2
Otrs ≫ Iphonehandle Version0.9.3
Otrs ≫ Iphonehandle Version0.9.4
Otrs ≫ Iphonehandle Version0.9.5
Otrs ≫ Iphonehandle Version0.9.6
Otrs ≫ Iphonehandle Version1.0.1
Otrs ≫ Iphonehandle Version1.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.74% | 0.748 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://osvdb.org/73885
http://otrs.org/advisory/OSA-2011-02-en/
http://secunia.com/advisories/45227
http://www.securityfocus.com/bid/48678
https://exchange.xforce.ibmcloud.com/vulnerabilities/68558