CVE-2017-9324
OTRS Install Dialog Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 0
Exploited in Wild: -
Decision
Descriptions
In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end.
Due to insufficient privilege checking, the OTRS Install dialog of an already installed instance remains reachable. Any authenticated agent, with no administrator role required, can open it and change the database settings, the superuser password, mail server settings, log file location and other parameters. The affected ranges are OTRS 3.3.0 through 3.3.16, 4.0.0 through 4.0.23 and 5.0.0 through 5.0.19; the fix ships in the next release of each branch (3.3.17, 4.0.24 and 5.0.20, per OTRS security advisory OSA-2017-03) and in the Debian updates listed under DSA-3876. Because the installer can rewrite database credentials and the root@localhost password, a confirmed exposure on an instance with a large agent population should be handled as a possible full compromise, not only as a configuration bug: compare Kernel/Config.pm and the superuser password against known-good values before relying on them.
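The following script is an added example, not code from OTRS or from the advisory. It builds the three installer URLs named in the CVE description and classifies the response an instance returns to an authenticated agent, so an operator can confirm whether a given deployment is still exposed after patching. Assumptions that are not in the source text: the frontend script lives at /otrs/index.pl, the agent session cookie is named OTRSAgentInterface (the OTRS default), and an installer page can be recognised by a hidden form field pairing name="Action" with value="Installer"; the sample responses embedded at the bottom are constructed for the offline run.

```python
"""Probe an OTRS instance for CVE-2017-9324 (installer dialog reachable by
an agent).  Added example; not part of OTRS or of the advisory."""
import re
import urllib.error
import urllib.parse
import urllib.request
from dataclasses import dataclass

# The three Subaction values named in the CVE description.
INSTALLER_SUBACTIONS = ("Intro", "Start", "System")

# Assumption: where index.pl is mounted.  Adjust for your deployment.
DEFAULT_SCRIPT = "/otrs/index.pl"

# Assumption: OTRS default agent session cookie name.
SESSION_COOKIE = "OTRSAgentInterface"


def installer_urls(base_url, script=DEFAULT_SCRIPT):
    """Return the installer URLs exactly as the CVE text spells them, with ';'
    as the parameter separator (OTRS accepts ';' as well as '&')."""
    base = base_url.rstrip("/")
    return [f"{base}{script}?Action=Installer;Subaction={sub}"
            for sub in INSTALLER_SUBACTIONS]


@dataclass
class ProbeResult:
    url: str
    status: int
    exposed: bool


_INPUT_TAG = re.compile(r"<input\b[^>]*>", re.IGNORECASE)


def _renders_installer_form(body):
    """Assumption: OTRS form templates carry a hidden Action field naming the
    module that rendered them, so an installer page contains an <input> with
    both name="Action" and value="Installer".  A refusal (SecureMode error,
    login redirect, 403 page) renders no such form."""
    for tag in _INPUT_TAG.findall(body):
        if 'name="Action"' in tag and 'value="Installer"' in tag:
            return True
    return False


def classify(url, status, body):
    """A response counts as exposed only when it is a 200 whose body is an
    installer form; error codes and refusal pages are not exposure."""
    exposed = status == 200 and _renders_installer_form(body)
    return ProbeResult(url=url, status=status, exposed=exposed)


def probe(base_url, session_id, timeout=10):
    """Fetch each installer URL with an agent's session cookie and classify
    the responses.  This does not submit any installer form; it only checks
    whether the dialog is served.  Network call, not exercised offline."""
    results = []
    for url in installer_urls(base_url):
        req = urllib.request.Request(
            url, headers={"Cookie": f"{SESSION_COOKIE}={session_id}"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                status = resp.status
                body = resp.read().decode("utf-8", "replace")
        except urllib.error.HTTPError as err:
            status = err.code
            body = err.read().decode("utf-8", "replace")
        results.append(classify(url, status, body))
    return results


# Constructed sample responses for an offline run: one that looks like the
# installer's database-settings form, one that refuses the request.
SAMPLE_INSTALLER_BODY = """<html><body>
<form action="index.pl" method="post">
<input type="hidden" name="Action" value="Installer"/>
<input type="hidden" name="Subaction" value="DBCreate"/>
<input type="text" name="DBUser" value="otrs"/>
</form></body></html>"""

SAMPLE_REFUSAL_BODY = """<html><body>
<div class="Error">SecureMode active!</div>
</body></html>"""


def demo():
    """Classify the two constructed responses for the Intro URL and return
    (exposed_on_vulnerable_instance, exposed_on_fixed_instance)."""
    intro_url = installer_urls("https://helpdesk.example")[0]
    vulnerable = classify(intro_url, 200, SAMPLE_INSTALLER_BODY)
    fixed = classify(intro_url, 200, SAMPLE_REFUSAL_BODY)
    return vulnerable.exposed, fixed.exposed


if __name__ == "__main__":
    print(demo())  # offline run on the constructed samples
```

Run `probe("https://helpdesk.example", "<agent session id>")` with a low-privileged agent's session, never an admin's: the point of the check is that a plain agent must not get an installer form back. A patched instance returns an error page for all three URLs; treat any `exposed=True` result as a finding even if only one Subaction shows it.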
CVSS Scores
SSVC
- Decision: -
Timeline
- 2017-05-30 CVE Reserved
- 2017-06-08 CVE Published
- 2023-05-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (3)
URL | Tag | Date |
---|---|---|
https://packetstormsecurity.com/files/142862/OTRS-Install-Dialog-Disclosure.html | Mailing List | |
http://www.debian.org/security/2017/dsa-3876 | | 2019-10-03 |
https://www.otrs.com/security-advisory-2017-03-security-update-otrs-versions | | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Otrs | Otrs | >= 3.3.0 <= 3.3.16 | - | Affected |
Otrs | Otrs | >= 4.0.0 <= 4.0.23 | - | Affected |
Otrs | Otrs | >= 5.0.0 <= 5.0.19 | - | Affected |
Debian | Debian Linux | 8.0 | - | Affected |
Debian | Debian Linux | 9.0 | - | Affected |