SecuritySpace - CVE-2008-7277

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2008-7277

Description: Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets.

Test IDs: 1.3.6.1.4.1.25623.1.0.803918

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-7277

CVE ID:	CVE-2008-7277
Description:	Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets.
Test IDs:	1.3.6.1.4.1.25623.1.0.803918
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-7277