CVE-2018-20800

{"id": "CVE-2018-20800", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-03-13T22:29:00.240", "references": [{"url": "https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table."}, {"lang": "es", "value": "Se ha descubierto un problema en Open Ticket Request System (OTRS), en sus CVErsiones 5.0.31 y 6.0.13. Los usuarios que actualicen a la CVErsi\u00f3n 6.0.13 (tambi\u00e9n actualizaciones a niCVEl de parche) o 5.0.31 (solo actualizaciones principales) experimentar\u00e1n una p\u00e9rdida de datos en su tabla de preferencias de agente."}], "lastModified": "2024-11-21T04:02:12.430", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs:5.0.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6CE1362-A15E-4E51-B6C1-9B0807401C16"}, {"criteria": "cpe:2.3:a:otrs:otrs:6.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F47157E2-F03F-4088-B2DA-E7D5C5636FA6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}