[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2696-1 otrs2 -- privilege escalation

ID: oval:org.secpod.oval:def:601044Date: (C)2013-05-29   (M)2022-10-10
Class: PATCHFamily: unix




A vulnerability has been discovered in the Open Ticket Request System, which can be exploited by malicious users to disclose potentially sensitive information. An attacker with a valid agent login could manipulate URLs in the ticket split mechanism to see contents of tickets and they are not permitted to see. The oldstable distribution , is not affected by this issue.

Platform:
Debian 7.0
Product:
otrs2
Reference:
DSA-2696-1
CVE-2013-3551
CVE    1
CVE-2013-3551
CPE    2
cpe:/a:otrs:otrs
cpe:/o:debian:debian_linux:7.0

© SecPod Technologies