admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added OSA-2021-09

Browse Source
This commit is contained in:
jensoliver 2021-06-14 09:52:16 +02:00
parent 15794cc635
commit 606be494a5
1 changed files with 102 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
2021/21xxx/CVE-2021-21439.json
View File

@ -1,18 +1,114 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@otrs.com",
"DATE_PUBLIC": "2021-06-14T00:00:00.000Z",
"ID": "CVE-2021-21439",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Possible DoS attack using a special crafted URL in email body"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "((OTRS)) Community Edition",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "6.0.x",
"version_value": "6.0.1"
}
]
}
},
{
"product_name": "OTRS",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.0.x",
"version_value": "7.0.26"
},
{
"version_affected": "<=",
"version_name": "8.0.x",
"version_value": "8.0.13"
}
]
}
}
]
},
"vendor_name": "OTRS AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. \nThis issue affects:\nOTRS AG ((OTRS)) Community Edition\n6.0.x version 6.0.1 and later versions.\nOTRS AG OTRS\n7.0.x version 7.0.26 and prior versions;\n8.0.x version 8.0.13 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-09/"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to OTRS 8.0.14 or OTRS 7.0.27."
}
],
"source": {
"advisory": "OSA-2021-09",
"defect": [
"2021031142000285"
],
"discovery": "USER"
}
}