Vulnerability & Exploit Database

Back to search

Debian: CVE-2017-16854: otrs2 -- security update

Severity CVSS Published Added Modified
4 (AV:N/AC:L/Au:S/C:P/I:N/A:N) December 07, 2017 December 19, 2017 January 15, 2018

Description

In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

debian-upgrade-otrs2