Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-13458HistoryAug 21, 2019 - 2:15 p.m.
CVE-2019-13458
2019-08-2114:15:10
Debian Security Bug Tracker
security-tracker.debian.org
7
0.002 Low
EPSS
Percentile
61.2%
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 6.0.20-1 | otrs2_6.0.20-1_all.deb |
| Debian | 10 | all | otrs2 | < 6.0.16-2+deb10u1 | otrs2_6.0.16-2+deb10u1_all.deb |
Related
osv
osv
CVE-2019-13458
2019-08-21 14:15:10
otrs2 - security update
2023-08-31 00:00:00
prion
prion
Design/Logic Flaw
2019-08-21 14:15:00
cvelist
cvelist
CVE-2019-13458
2019-08-21 00:00:00
ubuntucve
ubuntucve
CVE-2019-13458
2019-08-21 00:00:00
cve
cve
CVE-2019-13458
2019-08-21 14:15:10
openvas
openvas
OTRS 5.0.x < 5.0.37, 6.0.x < 6.0.20, 7.0.x < 7.0.9 Information Disclosure Vulnerability
2019-08-22 00:00:00
Debian: Security Advisory (DLA-1877-1)
2019-08-15 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:1475-1)
2020-09-21 00:00:00
nessus
nessus
Debian DLA-1877-1 : otrs2 security update
2019-08-20 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-1475)
2020-09-23 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-551)
2020-04-28 00:00:00