ID CVE-2021-21439
Summary DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.
References
Vulnerable Configurations
  • cpe:2.3:a:otrs:otrs:6.0.1:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.1:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.2:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.2:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.3:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.3:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.4:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.4:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.5:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.5:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.6:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.6:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.7:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.7:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.8:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.8:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.9:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.9:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.10:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.10:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.11:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.11:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.12:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.12:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.14:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.14:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.15:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.15:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.16:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.16:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.17:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.17:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.18:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.18:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.19:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.19:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.20:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.20:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.21:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.21:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.22:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.22:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.23:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.23:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.24:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.24:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.26:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.26:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.27:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.27:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.28:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.28:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.29:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.29:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:6.0.30:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:6.0.30:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:-:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:-:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.0:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.7:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.7:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.13:*:*:*:-:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.13:*:*:*:-:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.13:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.13:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:7.0.27:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:7.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:-:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:-:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:community:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.0:*:*:*:community:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.12:*:*:*:-:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.12:*:*:*:-:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:otrs:otrs:8.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:otrs:otrs:8.0.14:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 31-08-2023 - 03:15)
Impact:
Exploitability:
CWE CWE-755
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
Last major update 31-08-2023 - 03:15
Published 14-06-2021 - 08:15
Last modified 31-08-2023 - 03:15
Back to Top