Home > Vulnerability Database > CVE-2021-21439

Mend.io Vulnerability Database

CVE-2021-21439

Date: June 14, 2021

DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.

Severity Score

6.5

Related Resources (6)

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-21439

Url: https://otrs.com/release-notes/otrs-security-advisory-2021-09/

Url: https://security-tracker.debian.org/tracker/CVE-2021-21439

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21439

Url: https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html

Url: https://www.mend.io/vulnerability-database/CVE-2021-21439

Severity Score

6.5

Weakness Type (CWE)

Improper Check for Unusual or Exceptional Conditions

CWE-754

Improper Handling of Exceptional Conditions

CWE-755

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-21439

Date: June 14, 2021

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?