Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4761HistoryMar 18, 2011 - 4:55 p.m.
CVE-2010-4761
2011-03-1816:55:01
Debian Security Bug Tracker
security-tracker.debian.org
23
otrs
customer-interface
ticket-print
data restriction
sensitive information
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
45.1%
The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 3.0.8+dfsg1-1 | otrs2_3.0.8+dfsg1-1_all.deb |
Related
nvd
nvd
CVE-2010-4761
2011-03-18 16:55:01
openvas
openvas
OTRS Ticket-print Information Disclosure Vulnerability
2013-09-22 00:00:00
cve
cve
CVE-2010-4761
2011-03-18 16:55:01
ubuntucve
ubuntucve
CVE-2010-4761
2011-03-18 00:00:00
prion
prion
Design/Logic Flaw
2011-03-18 16:55:00
cvelist
cvelist
CVE-2010-4761
2011-03-18 16:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
45.1%
Related for DEBIANCVE:CVE-2010-4761