3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
39.4%
Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 11 | all | otrs2 | < 3.0.8+dfsg1-1 | otrs2_3.0.8+dfsg1-1_all.deb |