Unknown · Otrs Ag Otrscisincustomerfrontend · CVE-2021-21437
**Name of the Vulnerable Software and Affected Versions**
OTRSCIsInCustomerFrontend versions 7.0.15 and prior
ITSMConfigurationManagement versions 7.0.24 and prior
**Description**
The issue allows agents to see linked Config Items without the necessary permissions, which are defined in the General Catalog.
**Recommendations**
For OTRSCIsInCustomerFrontend versions 7.0.15 and prior, update to a version later than 7.0.15 to resolve the issue.
For ITSMConfigurationManagement versions 7.0.24 and prior, update to a version later than 7.0.24 to resolve the issue.