PT-2017-14246 · Otrs+2 · Otrs+2

Publicado

2015-04-25

Atualizado

2019-10-03

CVE-2017-15864

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions 3.3.x through 3.3.18

Description The issue allows an attacker to gain sensitive information, such as database user and password, by using a crafted URL in the Agent Frontend of OTRS.

Recommendations For OTRS versions 3.3.x through 3.3.18, update to a version that contains a fix for this issue to prevent information disclosure.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1405

CVE-2017-15864

DLA-1212-1

DSA-4047-1

OPENSUSE-SU-2017_3054-1

Produtos afetados

Alt Linux

Otrs

Suse

PT-2017-14246 · Otrs+2 · Otrs+2

CVE-2017-15864

Identificadores relacionados

Produtos afetados

Referências · 11