CVE-2026-6060
Uncontrolled Resource Consumption in OTRS SQL Box Causes DoS
Publication date: 2026-04-20
Last updated on: 2026-04-20
Assigner: OTRS AG
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| otrs | otrs | 7.0.x |
| otrs | otrs | 8.0.x |
| otrs | otrs | 2023.x |
| otrs | otrs | 2024.x |
| otrs | otrs | 2025.x |
| otrs | otrs | From 2026.0 (inc) to 2026.3 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-6060 is an uncontrolled resource consumption flaw (CWE-400 / CWE-770) in the SQL Box component of the OTRS admin interface. It affects OTRS 7.0.x, 8.0.x and every 2023.x through 2026.x release before 2026.3.x.
The SQL Box lets an administrator run SQL queries directly against the OTRS database. The affected versions do not adequately bound the resources such a request may consume, so a user who can reach the SQL Box can submit queries whose execution or result handling ties up CPU, memory or worker processes on the webserver.
The advisory attributes only an availability impact to the issue: exhausting those resources denies service to the OTRS web interface for everyone who uses it.
How can this vulnerability impact me? :
The impact is a denial of service against the OTRS webserver; the advisory does not describe any confidentiality or integrity impact.
An attacker with access to the SQL Box can issue one or more resource-heavy requests that exhaust CPU, memory or the webserver's worker pool, so that legitimate agent and customer requests stall or fail.
The result is downtime or degraded performance for everyone who depends on the OTRS instance.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation shows up as resource exhaustion on the host serving OTRS, triggered by requests to the SQL Box rather than by ordinary agent or customer traffic.
Detection therefore means correlating two signals: unusual CPU, memory or worker-pool consumption on the webserver (and on the database server, where SQL Box queries actually execute), and SQL Box requests in the webserver access log around the same time.
The advisory does not provide specific commands, but standard host tools cover the first signal:
- Use 'top' or 'htop' to watch CPU and memory usage in real time and spot webserver or database processes that stay busy.
- Use 'ps aux --sort=-%mem' or 'ps aux --sort=-%cpu' to list the processes consuming the most memory or CPU.
- Check the webserver access log for repeated, long-running or unusually large responses to SQL Box requests, and confirm that each one came from an expected administrator session.
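As an added example (not part of the advisory and not OTRS code), the following Python script carries out the last bullet over constructed Apache access-log lines: it flags clients that hit the SQL Box in bursts and individual SQL Box requests with a long server-side duration. It assumes that the classic OTRS front end reaches the SQL Box via `index.pl?Action=AdminSelectBox` and that the log is in Apache combined format with `%D` (request duration in microseconds) appended; both are assumptions to adjust for your deployment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumption (not from the advisory): the classic OTRS web UI reaches the
# SQL Box through index.pl?Action=AdminSelectBox. Adjust for your version.
SQLBOX_PATTERN = re.compile(r"Action=AdminSelectBox", re.IGNORECASE)

# Apache "combined" format, optionally followed by %D (microseconds).
# Referer/User-Agent and the duration are optional so plain logs still parse.
LOG_PATTERN = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "[^"]*")?(?: (?P<us>\d+))?\s*$'
)

# Constructed sample log: one normal admin session from 198.51.100.7 and a
# burst of slow SQL Box requests from 203.0.113.10 that ends in 503s.
SAMPLE_LOG = """\
198.51.100.7 - - [20/Apr/2026:10:14:55 +0000] "GET /otrs/index.pl?Action=AgentDashboard HTTP/1.1" 200 18422 "-" "Mozilla/5.0" 84213
198.51.100.7 - - [20/Apr/2026:10:15:02 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 200 5120 "-" "Mozilla/5.0" 412007
203.0.113.10 - - [20/Apr/2026:10:20:00 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 200 3300712 "-" "python-requests/2.31" 9120553
203.0.113.10 - - [20/Apr/2026:10:20:04 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 200 3300712 "-" "python-requests/2.31" 8844120
203.0.113.10 - - [20/Apr/2026:10:20:09 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 200 3300712 "-" "python-requests/2.31" 9301990
203.0.113.10 - - [20/Apr/2026:10:20:15 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 503 512 "-" "python-requests/2.31" 30000142
203.0.113.10 - - [20/Apr/2026:10:20:21 +0000] "POST /otrs/index.pl?Action=AdminSelectBox HTTP/1.1" 503 512 "-" "python-requests/2.31" 30000411
"""


def parse_line(line):
    """Parse one access-log line into a dict; return None if it does not match."""
    m = LOG_PATTERN.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "user": m["user"],
        "time": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": m["path"],
        "status": int(m["status"]),
        "duration_ms": int(m["us"]) / 1000 if m["us"] else None,
    }


def find_sqlbox_abuse(lines, window=timedelta(seconds=60),
                      max_requests=5, slow_ms=5000.0):
    """Return findings for SQL Box traffic: per-client bursts and slow requests.

    A 'burst' is max_requests or more SQL Box requests from one client inside
    `window`; a 'slow_query' is any single SQL Box request at or above slow_ms.
    """
    per_client = defaultdict(list)
    findings = []
    for raw in lines:
        rec = parse_line(raw)
        if rec is None or not SQLBOX_PATTERN.search(rec["path"]):
            continue
        per_client[rec["ip"]].append(rec)
        if rec["duration_ms"] is not None and rec["duration_ms"] >= slow_ms:
            findings.append({"ip": rec["ip"], "kind": "slow_query",
                             "time": rec["time"],
                             "duration_ms": rec["duration_ms"]})
    for ip, recs in per_client.items():
        recs.sort(key=lambda r: r["time"])
        start = 0
        for end in range(len(recs)):
            # Slide the window start forward until it fits within `window`.
            while recs[end]["time"] - recs[start]["time"] > window:
                start += 1
            count = end - start + 1
            if count >= max_requests:
                findings.append({"ip": ip, "kind": "burst", "count": count,
                                 "total": len(recs), "time": recs[end]["time"]})
                break  # one burst finding per client is enough for triage
    return findings


if __name__ == "__main__":
    for f in find_sqlbox_abuse(SAMPLE_LOG.splitlines()):
        print(f)
```

Thresholds are deliberately conservative: a single administrator rarely runs five SQL Box queries a minute, and a query that takes seconds of server time is worth a look on its own. Feed real log lines through `find_sqlbox_abuse` and then confirm each flagged client against the administrator sessions you expect.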
What immediate steps should I take to mitigate this vulnerability?
The fix is to update OTRS to version 2026.3.1 or later. OTRS 7 will receive no patch, so installations on that line must either upgrade to a supported release or keep the SQL Box disabled.
If updating is not immediately possible, remove or disable the SQL Box from the Admin Interface via System Configuration so the vulnerable component can no longer be reached, then confirm that the SQL Box entry is gone from the admin menu and that its URL no longer serves the feature.
Because the SQL Box lives in the admin interface, also review who holds administrator rights and, where your deployment allows it, restrict the admin interface to trusted networks until the upgrade is complete.
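As an added example (not from the advisory or OTRS), a small Python check that classifies an installed OTRS version string against the affected ranges listed on this page and names the remedy, so an inventory of instances can be triaged before the upgrade. It assumes versions are written as `major.minor.patch` (classic `7.0.x` / `8.0.x` or year-based `2026.2.x`) and treats 2026.3.1 as the first fixed release, per the advisory; versions the advisory does not list are reported as unknown rather than safe.

```python
import re

FIRST_FIXED = (2026, 3, 1)  # first fixed release named in the advisory


def parse_version(text):
    """Parse 'v2026.2.3', '7.0.45' or '8.0' into a (major, minor, patch) tuple.

    Missing components count as 0. Anything else raises ValueError so that a
    malformed inventory entry is noticed instead of being marked safe.
    """
    m = re.fullmatch(r"\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised OTRS version: {text!r}")
    major, minor, patch = (int(p) if p is not None else 0 for p in m.groups())
    return major, minor, patch


def assess(version_text):
    """Classify one OTRS version against CVE-2026-6060.

    Returns {'affected': True/False/None, 'action': str}; None means the
    advisory does not list that release line at all.
    """
    major, minor, _patch = parse_version(version_text)
    fixed = ".".join(map(str, FIRST_FIXED))
    upgrade = f"upgrade to {fixed} or later (disable SQL Box meanwhile)"
    if major == 7:
        # 7.0.x is listed as affected and the vendor will not patch it.
        return {"affected": True,
                "action": "no patch for OTRS 7: disable SQL Box and plan an upgrade"}
    if major == 8:
        return {"affected": True, "action": upgrade}
    if major >= 2023 and (major, minor) < FIRST_FIXED[:2]:
        # Year-based releases 2023.x through 2026.2.x.
        return {"affected": True, "action": upgrade}
    if major >= 2023:
        return {"affected": False, "action": "none for this CVE"}
    # Release lines the advisory does not mention (e.g. 5.x or 6.x).
    return {"affected": None,
            "action": "not covered by the advisory; confirm with the vendor"}


if __name__ == "__main__":
    for v in ("7.0.45", "8.0.12", "2025.4.2", "2026.2.9", "2026.3.1", "6.0.30"):
        print(v, assess(v))
```

The comparison is done on `(major, minor)` because the advisory draws its boundary at 2026.3, not at a particular patch level; the 7.x branch is special-cased so the "no patch" note is not lost in a generic upgrade message.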
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The advisory does not state any direct impact on compliance with standards and regulations such as GDPR or HIPAA. Since the only described impact is loss of availability, any compliance relevance would come from availability or uptime obligations that apply to the OTRS instance rather than from the vulnerability itself.