CVE-2024-43445

🗓️ 27 Jan 2025 05:58:11Reported by OTRSType

Vulnerability in OTRS allows MIME type sniffing due to missing X-Content-Type-Options header.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-43445	27 Jan 202506:16	–	circl
CNNVD	OTRS 安全漏洞	27 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-43445 Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing	27 Jan 202505:58	–	cvelist
EUVD	EUVD-2024-40417	3 Oct 202520:07	–	euvd
NVD	CVE-2024-43445	27 Jan 202506:15	–	nvd
Positive Technologies	PT-2025-2647 · Unknown +1 · Otrs Community Edition +1	13 Aug 202400:00	–	ptsecurity
SUSE CVE	SUSE CVE-2024-43445	28 Jan 202500:23	–	susecve
Vulnrichment	CVE-2024-43445 Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing	27 Jan 202505:58	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "OTRS",
    "vendor": "OTRS AG",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.x"
      },
      {
        "status": "affected",
        "version": "8.0.x"
      },
      {
        "status": "affected",
        "version": "2023.x"
      },
      {
        "status": "affected",
        "version": "2024.x"
      },
      {
        "lessThan": "2025.1.x",
        "status": "affected",
        "version": "2025.x",
        "versionType": "Patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "((OTRS)) Community Edition",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "6.0.34",
        "status": "affected",
        "version": "6.0.x",
        "versionType": "All"
      }
    ]
  }
]

Source	Link
otrs	www.otrs.com/release-notes/otrs-security-advisory-2025-01/

15 Apr 2026 00:35Current

5.4Medium risk

Vulners AI Score5.4

CVSS 3.15.4

EPSS0.00141

SSVC

CWE-20