Input validation

2019-12-0515:15:00

PRIOn knowledge base

www.prio-n.com

0.014 Low

EPSS

Percentile

86.7%

JSON

Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.

CPENameOperatorVersion
otrsge6.0.0
otrslt6.0.24
otrsge5.0.0
otrslt5.0.39
otrsge7.0.0
otrslt7.0.13

Name	Operator	Version
otrs	ge	6.0.0
otrs	lt	6.0.24
otrs	ge	5.0.0
otrs	lt	5.0.39
otrs	ge	7.0.0
otrs	lt	7.0.13

References

lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html

community.otrs.com/security-advisory-2019-15-security-update-for-otrs-framework/

lists.debian.org/debian-lts-announce/2023/08/msg00040.html

0.014 Low

EPSS

Percentile

86.7%

JSON

Related for PRION:CVE-2019-18180