Page 10 of 50 results (0.013 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets. Se ha descubierto un problema en OTRS, en versiones 6.0.x anteriores a la 6.0.7. Un atacante que haya iniciado sesión en OTRS como cliente puede emplear la pantalla de visualización de tickets para revelar información interna de artículos de sus tickets de cliente. • https://community.otrs.com/security-advisory-2018-01-security-update-for-otrs-framework • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 1

In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server during package installation. NOTE: the vendor disputes this issue stating "the behaviour is as designed and needed for different packages to be installed", "there is a security warning if the package is not verified by OTRS Group", and "there is the possibility and responsibility of an admin to check packages before installation which is possible as they are not binary. ** EN DISPUTA ** En el Admin Package Manager en Open Ticket Request System (OTRS) 5.0.0 hasta 5.0.24 y 6.0.0 hasta 6.0.1, los administradores autenticados pueden explotar una vulnerabilidad de ejecución remota de código ciega cargando un archivo opm manipulado mediante un elemento CodeInstall para ejecutar un comando en el servidor mediante la instalación de paquetes. NOTA: el fabricante discute este problema argumentando que "el comportamiento se ha diseñado así y es necesario para que diferentes paquetes sean instalados", "hay una advertencia de seguridad si el paquete no está verificado por OTRS Group" y "es posible y la responsabilidad de un administrador comprobar los paquetes antes de instalarlos, lo que es posible porque no son binarios". OTRS versions 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1 suffer from remote code execution vulnerabilities. • https://0day.today/exploit/29938 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email. Open Ticket Request System (OTRS) en versiones 4.0.x anteriores a la 4.0.28, 5.0.x anteriores a la 5.0.26 y 6.0.x anteriores a la 6.0.3, cuando el soporte de cookies está desactivado, podría permitir a los atacantes remotos secuestrar las sesiones web y ganar privilegios en consecuencia mediante un email manipulado. • https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb https://github.com/OTRS/otrs/commit/36e3be99cfe8a9e09afa1b75fdc39f3e28f561fc https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953 https://lists.debian.org/debian-lts-announce/2017/12/msg00018.html https://www.debian.org/security/2017/dsa-4069 https://www.otrs.com/security-advisory-2017-10-security-update-otrs-framework • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets. En Open Ticket Request System (OTRS) hasta la versión 3.3.20; en las versiones 4 hasta la 4.0.26; en las versiones 5 hasta la 5.0.24 y en las versiones 6 hasta la 6.0.1, un atacante que ha iniciado sesión como cliente puede emplear el formulario de búsqueda de tickets para revelar información interna de artículos de sus tickets de cliente. • https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html https://www.debian.org/security/2017/dsa-4066 https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.0EPSS: 2%CPEs: 70EXPL: 1

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user. En OTRS en versiones 6.0.x hasta e incluyendo 6.0.1; OTRS 5.0.x hasta e incluyendo 5.0.24 y OTRS 4.0.x hasta e incluyendo 4.0.26, un atacante que haya iniciado sesión en OTRS como agente puede manipular los parámetros de formulario (relacionados con PGP) y ejecutar comandos shell arbitrarios con los permisos del usuario OTRS o del servidor web. OTRS versions 5.0.x and 6.0.x suffer from a remote command execution vulnerability. • https://www.exploit-db.com/exploits/43853 http://packetstormsecurity.com/files/162295/OTRS-6.0.1-Remote-Command-Execution.html https://lists.debian.org/debian-lts-announce/2017/12/msg00015.html https://www.debian.org/security/2017/dsa-4066 https://www.otrs.com/security-advisory-2017-09-security-update-otrs-framework • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •