Lucene search
FreeBSD0C5CF7C4-856E-11E4-A089-60A44C524F57HistoryDec 16, 2014 - 12:00 a.m.
otrs -- Incomplete Access Control
2014-12-1600:00:00
vuxml.freebsd.org
14
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.6%
The OTRS project reports:
An attacker with valid OTRS credentials could access and manipulate ticket data
of other users via the GenericInterface, if a ticket webservice is configured
and not additionally secured.
Related
nessus
nessus
FreeBSD : otrs -- Incomplete Access Control (0c5cf7c4-856e-11e4-a089-60a44c524f57)
2014-12-17 00:00:00
Debian DSA-3124-1 : otrs2 - security update
2015-01-12 00:00:00
openSUSE Security Update : otrs (openSUSE-SU-2015:0117-1)
2015-01-26 00:00:00
osv
osv
otrs2 - security update
2015-01-10 00:00:00
cvelist
cvelist
CVE-2014-9324
2014-12-19 15:00:00
debian
debian
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-10 12:40:49
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-10 12:41:12
openvas
openvas
Debian: Security Advisory (DSA-3124-1)
2015-01-09 00:00:00
Debian Security Advisory DSA 3124-1 (otrs2 - security update)
2015-01-10 00:00:00
OTRS Help Desk Privilege Escalation Vulnerability (Dec 2014)
2014-12-24 00:00:00
cve
cve
CVE-2014-9324
2014-12-19 15:59:00
mageia
mageia
Updated otrs package fixes CVE-2014-9324
2015-01-20 17:57:33
prion
prion
Design/Logic Flaw
2014-12-19 15:59:00
securityvulns
securityvulns
[SECURITY] [DSA 3124-1] otrs2 security update
2015-01-19 00:00:00
ubuntucve
ubuntucve
CVE-2014-9324
2014-12-19 00:00:00
debiancve
debiancve
CVE-2014-9324
2014-12-19 15:59:00
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.6%
Related for 0C5CF7C4-856E-11E4-A089-60A44C524F57