CVE-2014-9324

{"id": "CVE-2014-9324", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-19T15:59:18.503", "references": [{"url": "http://advisories.mageia.org/MGASA-2015-0031.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/59875", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/62188", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/62662", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:043", "source": "cve@mitre.org"}, {"url": "https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://advisories.mageia.org/MGASA-2015-0031.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/59875", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/62188", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/62662", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:043", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors."}, {"lang": "es", "value": "GenericInterface en OTRS Help Desk 3.2.x anterior a 3.2.17, 3.3.x anterior a 3.3.11 y 4.0.x anterior a 4.0.3 permiten a usuarios remotos autenticados acceder y modificar tickets arbitrarios a trav\u00e9s de vectores sin especificar."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85C43618-9317-4559-B2CE-F2A541D6E5AE"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED3BC9F0-FE36-44C6-8C5E-69AD0355FCD3"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A987515-9963-404E-A208-7941AE80A111"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05216F9E-D1A9-402C-AC9D-A1E863C29C53"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAD7998C-4D93-4E03-95A6-847C50EBFAD4"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DFB3525-C9D7-4891-8F15-413AAC2E2688"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAA10EEF-5B03-4D58-A446-6A1D2233B525"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86D1B50A-0C2D-454F-8CD6-9A22082CC227"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99ED2D2A-CFA9-4DE3-BDC7-9FFBB0EAA436"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7AA83D4-DAA9-4A19-8D84-7740A3657630"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "233773E3-F47C-4204-896A-74AB64E8DE2E"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F8A83BF-29CF-431E-9C3A-D8ADB47ABB11"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12327A36-5117-4A7B-BF85-55A07309A7EA"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02114451-004D-4CBE-BA5E-AD88EF07FB57"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A62B510-5E06-4F21-82AD-2D05A3991AD3"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5E7638E-5E9C-4604-9111-E22A889CBCAC"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.2.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AF4C611-5A51-4E18-9D1A-25E2AEAE0A42"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "789DDC2E-584D-4582-B9CA-FBC6E3CE3CA0"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69C34B87-C8AE-4E36-8E42-B2FF0B874887"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCC01E70-A568-4A16-9E42-48D648F44FB8"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "703E7AB0-6B55-4BE0-A31C-75EB81B9DA64"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D5AA450-91CA-412C-A68A-A9AF84E88649"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67458A64-244F-45CC-A4F8-077A5272291E"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F18DA1F-2C74-4079-9BEE-25725B586D0F"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99406C47-11AF-47D5-8D3F-A6E9C266FA60"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1888D69D-B68E-4120-A42C-75B53734F308"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC0F6CFF-CC4E-4551-A879-4EB3AAE629F4"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:3.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DA0B533-06A1-45E8-AAF3-BDD11BF251B8"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43DFED6B-B905-4D20-AC7B-EDD058988A4C"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5364466B-2C01-4F7A-9CB8-21F80F80A756"}, {"criteria": "cpe:2.3:a:otrs:otrs_help_desk:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30D84E9A-D176-4D5B-A48F-95D9540ED77D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}