Vulnerability Name:

CVE-2007-2524 (CCN-34164)

Assigned:2007-05-07
Published:2007-05-07
Updated:2018-10-16
Summary:Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action.
Note: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Mon May 07 2007 - 14:49:50 CDT
OTRS <= 2.0.x XSS/XSRF

Source: MITRE
Type: CNA
CVE-2007-2524

Source: OSVDB
Type: UNKNOWN
35821

Source: OSVDB
Type: UNKNOWN
35822

Source: CCN
Type: OTRS Web site
OTRS::Email Management::Trouble Ticket System::Welcome!

Source: CCN
Type: SA25205
OTRS Cross-Site Scripting and Cross-Site Request Forgery

Source: SECUNIA
Type: Vendor Advisory
25205

Source: SECUNIA
Type: Vendor Advisory
25419

Source: SECUNIA
Type: Vendor Advisory
25787

Source: SREASON
Type: UNKNOWN
2668

Source: DEBIAN
Type: UNKNOWN
DSA-1298

Source: DEBIAN
Type: DSA-1298
otrs2 -- missing input sanitising

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:013

Source: CCN
Type: OSVDB ID: 35821
OTRS (Open Ticket Request System) index.pl AgentTicketMailbox Action Subaction Parameter XSS

Source: CCN
Type: OSVDB ID: 35822
OTRS (Open Ticket Request System) Unspecified CSRF

Source: BUGTRAQ
Type: UNKNOWN
20070507 OTRS <= 2.0.x XSS/XSRF

Source: BUGTRAQ
Type: UNKNOWN
20070611 Re: [SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial ofservice

Source: BID
Type: Exploit
23862

Source: CCN
Type: BID-23862
OTRS Index.PL Cross-Site Scripting Vulnerability

Source: MISC
Type: Exploit, Vendor Advisory
http://www.virtuax.be/?page=library&id=35&type=Exploits

Source: VUPEN
Type: UNKNOWN
ADV-2007-1698

Source: XF
Type: UNKNOWN
otrs-indexpl-xss(34164)

Source: XF
Type: UNKNOWN
otrs-indexpl-xss(34164)

Source: SUSE
Type: SUSE-SR:2007:013
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:otrs:otrs:2.0.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20072524
    V
    		CVE-2007-2524
    2015-11-16
    oval:org.mitre.oval:def:18923
    P
    		DSA-1298-1 otrs2
    2014-06-23
    oval:org.debian:def:1298
    V
    		missing input sanitising
    2007-05-28
    BACK
    otrs otrs 2.0.4