CVE-2011-1433

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions prior to 3.0.6

Description The issue in OTRS allows context-dependent attackers to obtain sensitive information. This is due to the AgentInterface and CustomerInterface components placing cleartext credentials into the session data in the database. Attackers can read the UserLogin and UserPW fields to gain access to sensitive information.

Recommendations For versions prior to 3.0.6, update to version 3.0.6 or later to resolve the issue.