CVE-2021-21439
First published: Mon Jun 14 2021(Updated: )
DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.
Credit: security@otrs.com security@otrs.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Otrs Otrs | >=6.0.1<=6.0.30 | |
| Otrs Otrs | >=7.0.0<7.0.27 | |
| Otrs Otrs | >=8.0.0<8.0.14 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-21439?
The severity of CVE-2021-21439 is medium with a CVSS score of 6.5.
How does CVE-2021-21439 affect OTRS AG Community Edition?
CVE-2021-21439 affects OTRS AG Community Edition versions 6.0.1 and later, 7.0.0 to 7.0.27, and 8.0.0 to 8.0.14.
What is the impact of CVE-2021-21439?
CVE-2021-21439 can lead to a denial-of-service (DoS) attack that results in high CPU usage and low quality of service, or potentially halts the system.
How can I fix CVE-2021-21439?
To fix CVE-2021-21439, it is recommended to update OTRS AG Community Edition to a version that includes the security fix.
Where can I find more information about CVE-2021-21439?
You can find more information about CVE-2021-21439 in the Debian LTS announcement and the OTRS security advisory.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/otrs
- canonical/otrs otrs
- version/otrs otrs/6.0.1
- version/otrs otrs/6.0.30
- version/otrs otrs/7.0.0
- version/otrs otrs/8.0.0