CVE-2009-5057 (GCVE-0-2009-5057)

Vulnerability from cvelistv5 – Published: 2011-03-18 16:00 – Updated: 2024-09-16 23:51
VLAI
Summary
The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:24:54.066Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.otrs.org/show_bug.cgi?id=3462"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-03-18T16:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.otrs.org/show_bug.cgi?id=3462"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-5057",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugs.otrs.org/show_bug.cgi?id=3462",
              "refsource": "CONFIRM",
              "url": "http://bugs.otrs.org/show_bug.cgi?id=3462"
            },
            {
              "name": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807",
              "refsource": "CONFIRM",
              "url": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-5057",
    "datePublished": "2011-03-18T16:00:00.000Z",
    "dateReserved": "2011-03-18T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:51:42.917Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2009-5057",
      "date": "2026-06-06",
      "epss": "0.00275",
      "percentile": "0.51235"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-5057\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-03-18T16:55:01.547\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n S/MIME en Open Ticket Request System (OTRS) anterior a v2.3.4 no configura el RANDFILE y las variables de entorno HOME para OpenSSL, lo que podr\u00eda facilitar a los atacantes remotos descifrar los mensajes de correo electr\u00f3nico que ten\u00edan menos entrop\u00eda de la prevista para las operaciones de cifrado, relacionado con la imposibilidad de escribir en el fichero de la generaci\u00f3n de semillas para la clave.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.3.3\",\"matchCriteriaId\":\"56272C04-B43A-4CAE-A12E-829A4000037E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1985DCF5-4528-4246-B1E7-75703CF8849C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"47EFAC2B-AB6C-4327-997C-9B10F7360163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D25927B-BDD3-4A3C-901B-8F62C422D266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7134888F-1296-4AFD-8ECC-A1A2486C74AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7F2EAA-0744-4BFA-AAEB-66515507BC34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B781EFF2-2502-4212-89DB-BF52DFBA41BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4196EF-6C16-473C-9A71-A8FC728CD2DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E00ACBC-60E5-44B7-961C-23CD1903112D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACCB8907-B5F7-4C20-A6CE-C8D52F2D1DE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C433CD8B-143A-4237-A54B-A9D4C27B061C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"42D518B5-B9A9-4831-927C-104D2803533E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ACEE63A-4C9C-46F4-BF73-51C931C046BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A81DFFC-99A6-4AFB-BD95-7202528B87CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC0F48B-5E12-4656-B848-2DC9A4F8D00C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE262525-B533-46C9-B845-1F5214F6177F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8371E67D-8784-4C0B-B577-2FBC051F8CA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF4CC40-2DB2-474B-ABC3-57EA268CACDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13E9302A-1278-40B8-B2D4-FEB9BB276622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9582CBC7-B5FA-467D-8F1B-AF9AB308F27C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAABF11-2B91-41DF-9564-E75D88AE43A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"824350BB-4C29-43FE-B205-22D36BE93731\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C4825A-A860-4212-83EA-FE04B110A07C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C517953B-0B47-4B45-90DA-C9DCC8E2536A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5C3344F-E284-477B-A322-ABF34AD80124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC14AEFD-7F68-4E64-9D23-A933352E74C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D95DB73E-D417-455F-A754-67555E86AD92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC0430A7-F27E-430C-9D9D-A4AE86C889D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2278B3B-B9D6-4E67-B118-2B798C5F1432\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5186A3DD-7D17-4D2E-B756-EF1AD5C6B42A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E7556D7-D593-4AF3-8D0E-7E10E1C5316A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"05747F3E-27E8-4E04-B80D-D8C38FBDA4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CBA83A-443E-4B1D-85D2-55FFB2FEB782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6FE3DE-6D43-404F-BCE8-861E0584AA18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE712DC3-5CA0-4157-A501-483BBDBF7B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86CD9921-3CFC-49F7-9C91-5049E41ADD15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A777AA53-6900-483D-8C31-F9C415DE9B2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"53949C54-F416-46C6-A784-441880F0D8E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2896D75B-07EC-4224-9018-0BF55DE16379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6607C7B-E121-4DCD-8FA0-5B202B97D624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FBA783C-32B5-4264-9701-3843710499E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EB26560-C681-436F-9F41-D927C501791E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49CBB470-37A6-4D09-BA71-8EAB8931554E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF1D725C-CBE6-49A4-B6FC-3D80E35E0135\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63608BED-2700-4EF7-9038-B295FF373FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5386B686-3421-4F4E-AC5E-6567FE12E03B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E712714-6E03-43BA-B375-929638730B44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B1D7F7-51C3-460E-BDE3-0C40B692B622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF9AEA70-9DC8-41B5-A4D4-F86828F9E35A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7BAB384-AC74-4D75-BFE2-8CBC2C0A830F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E365F79A-BDDA-430D-B39F-FADADA91A0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC9223D9-B5F8-4D9A-98F8-5D73852B2E0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC91C532-9CCD-4353-A6C3-E297A1F5BD77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BAAB79E-8DC5-4BFF-9BD2-9215DA2B775D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C7B601-0CBD-4861-855E-A4F64157A8D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B715EC14-D79A-4CB4-A875-380F66A45C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20C9C4DB-4E5D-4D01-B174-D6682831B184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D25611D-231B-4CBA-8DC3-5F6CE90ADA56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E9FF1B-AFFE-43C1-8E06-15DA8564D62F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACE6A6EB-7264-4AE8-8CC4-994969E8B136\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEEFDE04-B409-47BF-BF71-0C87A7A6893D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ECC731E-7B47-4AAA-B009-E8CE73AE354A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DADC404F-08B0-48A7-84DB-5270B8E1A147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"091E423C-A9D5-4ED8-93C7-5CDD57DC3B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAEC4E93-34C5-418B-B12C-CABE500D5171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BE131A-342E-475C-9522-E53A8A8A1BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF62E279-212F-40B4-B2B3-429D6A6164BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6FEFC32-3880-4CEA-9AD1-B1669A3CACE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0A9CD5E-655A-423B-805B-8953122D2509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64BCF69B-4DB6-423E-BCE9-7CAEA74B1568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9307C840-9EEE-4A23-8FAF-258D683E14A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A6F2752-5D88-4007-96C8-DFA1697B0AC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"29823A84-ACC0-410F-B2A5-C659C8F06625\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BC10A3E-F32A-4A16-BDD2-930ADB973693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D368E58-79AD-4C55-B867-A75FF3F98DE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AAF73C6-FCCE-43C7-BD67-F8CFC4EA3A32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09EF0162-5102-4F95-82CF-DF541B50858D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55F536B9-11F6-4F3F-9293-25D23F987C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD6DF09D-A8D8-4C77-A4C9-46BD570C2CE1\"}]}]}],\"references\":[{\"url\":\"http://bugs.otrs.org/show_bug.cgi?id=3462\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.otrs.org/show_bug.cgi?id=3462\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.