Search for vulnerabilities
Vulnerability details: VCID-3ykm-dbay-aaag
Vulnerability ID VCID-3ykm-dbay-aaag
Aliases CVE-2008-1515
Summary The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."
Status Published
Exploitability 0.5
Weighted Severity 5.8
Risk 2.9
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00637 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00672 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00672 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00707 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00758 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00873 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00951 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00951 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00976 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
epss 0.00976 https://api.first.org/data/v1/epss?cve=CVE-2008-1515
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=439932
cvssv2 6.4 https://nvd.nist.gov/vuln/detail/CVE-2008-1515
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
http://otrs.org/advisory/OSA-2008-01-en/
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1515.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1515
http://secunia.com/advisories/29585
http://secunia.com/advisories/29622
http://secunia.com/advisories/29859
https://exchange.xforce.ibmcloud.com/vulnerabilities/41577
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00284.html
http://www.securityfocus.com/bid/28647
439932 https://bugzilla.redhat.com/show_bug.cgi?id=439932
cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
CVE-2008-1515 https://nvd.nist.gov/vuln/detail/CVE-2008-1515
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-1515
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.69369
EPSS Score 0.00637
Published At May 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.