Unrated severityNVD Advisory· Published Jul 19, 2011· Updated Apr 29, 2026

CVE-2011-2385

Description

The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in Open Ticket Request System (OTRS) does not properly restrict use of the iPhoneHandle interface, which allows remote authenticated users to gain privileges, and consequently read or modify OTRS core objects, via unspecified vectors.

Affected products

OTRS/Iphonehandle8 versions
cpe:2.3:a:otrs:iphonehandle:0.9.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:otrs:iphonehandle:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:otrs:iphonehandle:1.0.2:*:*:*:*:*:*:*
OTRS/Otrs
cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

otrs.org/advisory/OSA-2011-02-en/nvdPatchVendor Advisory
secunia.com/advisories/45227nvdVendor Advisory
osvdb.org/73885nvd
www.securityfocus.com/bid/48678nvd
exchange.xforce.ibmcloud.com/vulnerabilities/68558nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000