Lucene search
GoogleOSV:CVE-2017-16854HistoryDec 08, 2017 - 5:29 p.m.
CVE-2017-16854
2017-12-0817:29:00
Google
osv.dev
6
In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.
| CPE | Name | Operator | Version |
|---|---|---|---|
| otrs | eq | rel-2_0_0-b1 | |
| otrs | eq | rel-2_2_1 | |
| otrs | eq | rel-2_2_0_beta1 | |
| otrs | eq | rel-1_1_0_rc2 | |
| otrs | eq | rel-3_3_11 | |
| otrs | eq | rel-3_0_0-b5 | |
| otrs | eq | rel-2_2_0_beta3 | |
| otrs | eq | rel-4_0_19 | |
| otrs | eq | rel-4_0_22 | |
| otrs | eq | rel-4_0_17 |
Related
openvas
openvas
OTRS Remote Code Execution Vulnerability - Dec '17
2017-12-11 00:00:00
Debian: Security Advisory (DSA-4066-1)
2017-12-16 00:00:00
Debian: Security Advisory (DLA-1212-1)
2023-03-08 00:00:00
nvd
nvd
CVE-2017-16854
2017-12-08 17:29:00
cve
cve
CVE-2017-16854
2017-12-08 17:29:00
prion
prion
Open redirect
2017-12-08 17:29:00
debiancve
debiancve
CVE-2017-16854
2017-12-08 17:29:00
ubuntucve
ubuntucve
CVE-2017-16854
2017-12-08 00:00:00
cvelist
cvelist
CVE-2017-16854
2017-12-08 17:00:00
debian
debian
[SECURITY] [DSA 4066-1] otrs2 security update
2017-12-17 14:11:32
[SECURITY] [DLA 1212-1] otrs2 security update
2017-12-19 20:42:01
nessus
nessus
Debian DSA-4066-1 : otrs2 - security update
2017-12-18 00:00:00
FreeBSD : OTRS -- Multiple vulnerabilities (cebd05d6-ed7b-11e7-95f2-005056925db4)
2018-01-02 00:00:00
Debian DLA-1212-1 : otrs2 security update
2017-12-20 00:00:00
osv
osv
otrs2 - security update
2017-12-17 00:00:00
otrs2 - security update
2017-12-19 00:00:00
freebsd
freebsd
OTRS -- Multiple vulnerabilities
2017-11-21 00:00:00