vulnerability
SUSE: CVE-2018-16587: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:N/I:P/A:P) | Sep 27, 2018 | Oct 5, 2018 | Jun 11, 2021 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:P)
Published
Sep 27, 2018
Added
Oct 5, 2018
Modified
Jun 11, 2021
Description
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.
Solutions
suse-upgrade-otrssuse-upgrade-otrs-docsuse-upgrade-otrs-itsm
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.