vulnerability

Debian: CVE-2017-15864: otrs2 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Nov 16, 2017	Nov 24, 2017	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Nov 16, 2017

Added

Nov 24, 2017

Modified

Mar 30, 2026

Description

In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.

Solution

debian-upgrade-otrs2

References

CVE-2017-15864
https://attackerkb.com/topics/CVE-2017-15864
DEBIAN-DSA-4047
EUVD-EUVD-2017-7286
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-7286

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report