Summary
The target is running at least one instance of osTicket that enables a remote user to a open new ticket with an attachment of unlimited size. An attacker could exploit this vulnerability and cause a denial of service by filling up the filesystem used for attachments.
Solution
Upgrade to osTicket STS 1.2.7 or later.
Severity
Classification
-
CVE CVE-2004-0614 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities