1 results (0.027 seconds)
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21437 – Config Items are shown to users without permission
https://notcve.org/view.php?id=CVE-2021-21437
22 Mar 2021 — Agents are able to see linked Config Items without permissions, which are defined in General Catalog. This issue affects: OTRSCIsInCustomerFrontend 7.0.15 and prior versions, ITSMConfigurationManagement 7.0.24 and prior versions Los agentes pueden ser capaces de visualizar Elementos de Configuración vinculados sin permisos, que son definidos en el Catálogo General. Este problema afecta a: OTRSCIsInCustomerFrontend versiones 7.0.15 y anteriores, ITSMConfigurationManagement versiones 7.0.24 y anteriores • https://otrs.com/release-notes/otrs-security-advisory-2021-07 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •