admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2005/CVE-2005-38xx/CVE-2005-3893.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

153 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2005-3893",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-11-29T21:03:00.000",
"lastModified": "2017-07-20T01:29:05.533",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the Login action, and remote authenticated users via the (2) TicketID and (3) ArticleID parameters of the AgentTicketPlain action."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACEE63A-4C9C-46F4-BF73-51C931C046BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE712DC3-5CA0-4157-A501-483BBDBF7B0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A777AA53-6900-483D-8C31-F9C415DE9B2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49CBB470-37A6-4D09-BA71-8EAB8931554E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF1D725C-CBE6-49A4-B6FC-3D80E35E0135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63608BED-2700-4EF7-9038-B295FF373FD0"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/039001.html",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=113272360804853&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://otrs.org/advisory/OSA-2005-01-en/",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1015262",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2006/dsa-973",
"source": "cve@mitre.org"
},
{
"url": "http://www.novell.com/linux/security/advisories/2005_30_sr.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/15537/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2005/2535",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23352",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23354",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink