Home > Vulnerability Database > CVE-2010-4758

Mend.io Vulnerability Database

CVE-2010-4758

Good to know:

Date: October 3, 2022

installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.

Language: Perl

Severity Score

2.9

Related Resources (4)

Url: http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807

Url: http://bugs.otrs.org/show_bug.cgi?id=6302

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-4758

Url: https://www.mend.io/vulnerability-database/CVE-2010-4758

Severity Score

2.9

Weakness Type (CWE)

Cryptographic Issues

CWE-310

Top Fix

Upgrade Version

Upgrade to version rel-3_0_3

Learn More

CVSS v3.1

Base Score:	2.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	1.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-4758

Good to know:

Date: October 3, 2022

Language: Perl

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?