PT-2025-5354 · Otrs+1

Published: 2025-01-27
Updated: 2025-01-27
CVE-2025-24389

CVSS v3.1: 6.3 (Medium)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

OTRS versions 7.0.X through 2024.X
((OTRS)) Community Edition version 6.0.x

Description

Certain errors raised by upstream libraries cause sensitive information to be inserted into the log mechanism and into mails sent to the system administrator. Products based on the ((OTRS)) Community Edition are also very likely to be affected.

Recommendations

For OTRS versions 7.0.X through 2024.X, consider restricting access to the log mechanism and to system administrator mails until a patch is available.
For ((OTRS)) Community Edition version 6.0.x, consider temporarily disabling the log mechanism to minimize the risk of sensitive information exposure.
As a temporary workaround, consider implementing additional logging and monitoring measures to detect potential sensitive information leaks.

Fix

Insertion into Log File

Weakness Enumeration

Related Identifiers

CVE-2025-24389

Affected Products

Otrs
Otrs Community Edition