VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 18, 2011· Updated Apr 29, 2026

CVE-2008-7282

CVE-2008-7282

Description

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain (1) list and (2) write operations on queues, via unspecified vectors.

Affected products

68
  • OTRS/Otrs67 versions
    cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*+ 66 more
    • cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*range: <=2.2.5
    • cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
  • OTRS/Open Ticket Request System (OTRS)llm-fuzzy
    Range: < 2.2.6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.