CVE-2014-9324

Published Dec 19, 2014
Last updated 8 years ago
CVSS info 6.0
Overview

Description: The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6
Impact score: 6.4
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85C43618-9317-4559-B2CE-F2A541D6E5AE"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED3BC9F0-FE36-44C6-8C5E-69AD0355FCD3"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A987515-9963-404E-A208-7941AE80A111"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05216F9E-D1A9-402C-AC9D-A1E863C29C53"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAD7998C-4D93-4E03-95A6-847C50EBFAD4"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DFB3525-C9D7-4891-8F15-413AAC2E2688"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAA10EEF-5B03-4D58-A446-6A1D2233B525"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86D1B50A-0C2D-454F-8CD6-9A22082CC227"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99ED2D2A-CFA9-4DE3-BDC7-9FFBB0EAA436"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7AA83D4-DAA9-4A19-8D84-7740A3657630"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "233773E3-F47C-4204-896A-74AB64E8DE2E"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F8A83BF-29CF-431E-9C3A-D8ADB47ABB11"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12327A36-5117-4A7B-BF85-55A07309A7EA"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02114451-004D-4CBE-BA5E-AD88EF07FB57"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A62B510-5E06-4F21-82AD-2D05A3991AD3"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E7638E-5E9C-4604-9111-E22A889CBCAC"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AF4C611-5A51-4E18-9D1A-25E2AEAE0A42"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "789DDC2E-584D-4582-B9CA-FBC6E3CE3CA0"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69C34B87-C8AE-4E36-8E42-B2FF0B874887"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCC01E70-A568-4A16-9E42-48D648F44FB8"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "703E7AB0-6B55-4BE0-A31C-75EB81B9DA64"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D5AA450-91CA-412C-A68A-A9AF84E88649"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67458A64-244F-45CC-A4F8-077A5272291E"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F18DA1F-2C74-4079-9BEE-25725B586D0F"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99406C47-11AF-47D5-8D3F-A6E9C266FA60"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1888D69D-B68E-4120-A42C-75B53734F308"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC0F6CFF-CC4E-4551-A879-4EB3AAE629F4"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DA0B533-06A1-45E8-AAF3-BDD11BF251B8"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43DFED6B-B905-4D20-AC7B-EDD058988A4C"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5364466B-2C01-4F7A-9CB8-21F80F80A756"
          },
          {
            "criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30D84E9A-D176-4D5B-A48F-95D9540ED77D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
