CVE-2010-0438

Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
SQL Injection
Severity
UNKNOWN
AV:N/AC:L/Au:S/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
otrsotrs
2.1.1
otrsotrs
2.1.2
otrsotrs
2.1.3
otrsotrs
2.1.4
otrsotrs
2.1.5
otrsotrs
2.1.6
otrsotrs
2.1.7
otrsotrs
2.1.8
otrsotrs
2.2.1
otrsotrs
2.2.2
otrsotrs
2.2.3
otrsotrs
2.2.4
otrsotrs
2.2.5
otrsotrs
2.2.6
otrsotrs
2.2.7
otrsotrs
2.2.8
otrsotrs
2.3.1
otrsotrs
2.3.2
otrsotrs
2.3.3
otrsotrs
2.3.4
otrsotrs
2.4.1
otrsotrs
2.4.2
otrsotrs
2.4.3
otrsotrs
2.4.4
otrsotrs
2.4.5
otrsotrs
2.4.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
otrs2
bullseye/non-free
6.0.32-6
fixed
etch
not-affected