Vulnerability Details : CVE-2008-1515
The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."
Products affected by CVE-2008-1515
- cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-1515
0.76%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-1515
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
CWE ids for CVE-2008-1515
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-1515
-
http://secunia.com/advisories/29859
About Secunia Research | FlexeraThird Party Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00284.html
[SECURITY] Fedora 7 Update: otrs-2.1.5-4.fc7Third Party Advisory
-
http://otrs.org/advisory/OSA-2008-01-en/
OTRS | Software Solutions for Customer Service, ITSM, ISMS and Cyber DefenseVendor Advisory
-
http://secunia.com/advisories/29585
About Secunia Research | FlexeraThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
[security-announce] SUSE Security Summary Report SUSE-SR:2008:08 - openSUSE Security Announce - openSUSE Mailing ListsThird Party Advisory
-
http://www.securityfocus.com/bid/28647
Third Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41577
OTRS SOAP interface weak security CVE-2008-1515 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/29622
About Secunia Research | FlexeraThird Party Advisory
Jump to