Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2008-1515

The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."

PublishedApr 01, 2008, 17:44

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
http://otrs.org/advisory/OSA-2008-01-en/
http://secunia.com/advisories/29585
http://secunia.com/advisories/29622
http://secunia.com/advisories/29859
http://www.securityfocus.com/bid/28647
https://exchange.xforce.ibmcloud.com/vulnerabilities/41577
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00284.html

Weakness Type

CWE-264

CVSS Metrics

Base Score

6.4

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)