cbcvebase.
CVE-2022-39052
published 2022-10-17

CVE-2022-39052: An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system

PriorityP429medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
0.56%
42.5th percentile
An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system

Affected

6 ranges
VendorProductVersion rangeFixed in
otrsotrs6.0.0 – 6.0.32
otrsotrs>= 7.0.0 < 7.0.397.0.39
otrsotrs>= 8.0.0 < 8.0.268.0.26
otrs_agcommunity_edition>= 6.0.1 < 6.0.x*6.0.x*
otrs_agotrs7.0.x – 7.0.39
otrs_agotrs8.0.x – 8.0.26

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.