CVE-2021-21439
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OTRS AG | ((OTRS)) Community Edition | 6.0.1 < 6.0.x* | affected |
| OTRS AG | OTRS | 7.0.x <= 7.0.26 | affected |
| OTRS AG | OTRS | 8.0.x <= 8.0.13 | affected |
Weaknesses
- CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
- https://otrs.com/release-notes/otrs-security-advisory-2021-09/
- https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
References
- https://otrs.com/release-notes/otrs-security-advisory-2021-09/
- https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.