CVE-2021-45811 in osTicketinfo

Summary

by MITRE • 09/08/2023

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

The vulnerability identified as CVE-2021-45811 represents a critical SQL injection flaw within the osTicket 1.15.x support ticketing system. This vulnerability specifically targets the search functionality of the tickets.php page, where authenticated attackers can exploit the application's failure to properly sanitize user input. The flaw occurs when the application processes the keywords and topic_id URL parameters without adequate input validation or parameterized query construction, creating an avenue for malicious SQL command execution.

The technical implementation of this vulnerability stems from improper input handling within the application's database interaction layer. When users submit search queries through the tickets.php interface, the system accepts the keywords and topic_id parameters directly into SQL queries without proper sanitization or parameterization. This design flaw allows attackers who have authenticated access to the system to manipulate the search functionality and inject malicious SQL payloads. The vulnerability is particularly concerning because it requires only authenticated access, meaning that an attacker who can establish a valid user session can exploit this weakness. The attack vector operates through standard HTTP GET requests where parameters are passed in the URL, making the exploitation relatively straightforward and potentially undetectable through standard network monitoring.

The operational impact of this vulnerability extends beyond simple data theft, as it provides attackers with the capability to perform arbitrary database operations including data modification, deletion, and unauthorized access to sensitive information. Attackers could potentially escalate privileges, extract confidential customer data, modify ticket records, or even gain deeper access to the underlying database system. The vulnerability affects all versions within the 1.15.x release series, indicating a widespread exposure across multiple installations. Organizations using osTicket in production environments face significant risk as this flaw can be exploited to compromise the integrity and confidentiality of their support ticket data, potentially affecting customer privacy and business operations.

Mitigation strategies for CVE-2021-45811 should focus on immediate patching of the osTicket application to the latest available version that addresses this vulnerability. System administrators must ensure that all instances of osTicket are updated to versions that implement proper input validation and parameterized query execution. Additionally, implementing proper access controls and monitoring for unusual search activity can help detect exploitation attempts. The vulnerability aligns with CWE-89 which specifically addresses SQL injection weaknesses, and can be mapped to ATT&CK technique T1071.004 for application layer protocol manipulation. Organizations should also consider implementing web application firewalls and database activity monitoring solutions to provide additional layers of defense against such attacks. Regular security assessments and input validation reviews should be conducted to prevent similar vulnerabilities from emerging in other application components.

Reservation

12/27/2021

Disclosure

09/08/2023

Moderation

accepted

CPE

ready

EPSS

0.02454

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!