Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-21443HistoryJul 26, 2021 - 5:15 a.m.
CVE-2021-21443
2021-07-2605:15:00
Debian Security Bug Tracker
security-tracker.debian.org
8
0.001 Low
EPSS
Percentile
22.4%
Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 6.0.32-6 | otrs2_6.0.32-6_all.deb |
| Debian | 10 | all | otrs2 | < 6.0.16-2+deb10u1 | otrs2_6.0.16-2+deb10u1_all.deb |
| Debian | 12 | all | znuny | < 6.5.1-1 | znuny_6.5.1-1_all.deb |
| Debian | 999 | all | znuny | < 6.5.8-1 | znuny_6.5.8-1_all.deb |
| Debian | 13 | all | znuny | < 6.5.8-1 | znuny_6.5.8-1_all.deb |
Related
prion
prion
Code injection
2021-07-26 05:15:00
ubuntucve
ubuntucve
CVE-2021-21443
2021-07-26 00:00:00
veracode
veracode
Privilege Escalation
2021-08-05 23:03:50
cvelist
cvelist
CVE-2021-21443 Unautorized listing of the customer user emails
2021-07-26 00:00:00
cve
cve
CVE-2021-21443
2021-07-26 05:15:07
openvas
openvas
OTRS Multiple Vulnerabilities (OSA-2021-13, OSA-2021-14)
2021-07-27 00:00:00
Debian: Security Advisory (DLA-3551-1)
2023-08-31 00:00:00
nessus
nessus
Debian DLA-3551-1 : otrs2 - LTS security update
2023-09-06 00:00:00
osv
osv
otrs2 - security update
2023-08-31 00:00:00