CVE-2022-39052

Summary

An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS7.0.x <= 7.0.39affected
OTRS AGOTRS8.0.x <= 8.0.26affected
OTRS AG((OTRS)) Community Edition6.0.1 < 6.0.x*affected

Weaknesses

  • CWE-835: CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References