PT-2018-12603 · Otrs+1 · Otrs+1

Francesco Sirocco

Publicado

2018-08-03

Atualizado

2019-10-03

CVE-2018-14593

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions 4.0.x through 4.0.30 Open Ticket Request System (OTRS) versions 5.0.x through 5.0.28 Open Ticket Request System (OTRS) versions 6.0.x through 6.0.9

Description An issue was discovered that allows an attacker who is logged in as an agent to escalate their privileges by accessing a specially crafted URL.

Recommendations For versions 4.0.x through 4.0.30, update to a version that contains a fix for this issue. For versions 5.0.x through 5.0.28, update to a version that contains a fix for this issue. For versions 6.0.x through 6.0.9, update to a version that contains a fix for this issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-14593

DLA-1473-1

DSA-4317-1

OPENSUSE-SU-2018_3005-1

Produtos afetados

Otrs

Suse

PT-2018-12603 · Otrs+1 · Otrs+1

CVE-2018-14593

Identificadores relacionados

Produtos afetados

Referências · 13