Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2008-1515

The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."

Published: Apr 1, 2008
Updated: Nov 9, 2025
CVE: CVE-2008-1515
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
otrs / otrs	2.1.0	2.1.8
otrs / otrs	2.2.0	2.2.6

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
http://otrs.org/advisory/OSA-2008-01-en/
http://secunia.com/advisories/29585
http://secunia.com/advisories/29622
http://secunia.com/advisories/29859
http://www.securityfocus.com/bid/28647
https://exchange.xforce.ibmcloud.com/vulnerabilities/41577
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00284.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo