11 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-14635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open Ticket Request System OTRS 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write...
SUSE CVE-2017-14635
In Open Ticket Request System OTRS 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection...
Debian: Security Advisory (DLA-1119-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OTRS Unspecified Remote Code Execution (OSA-2017-04)
The version of OTRS running on the remote host is 3.3.x prior to 3.3.18, 4.0.x prior to 4.0.25, 5.0.x prior to 5.0.23 or 6.0.x prior to 6.0.beta2. It is, therefore, affected by a remote code execution vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description...
[SECURITY] [DSA 4021-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4021-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 07, 2017 https://www.debian.org/security/faq -...
openSUSE Security Update : otrs (openSUSE-2017-1117)
This update for otrs to version 3.3.18 fixes the following issue : This security issue was fixed : - CVE-2017-14635: Remote authenticated users could have leveraged statistics-write permissions to gain privileges via code injection bsc1059691. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
[SECURITY] [DLA 1119-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1deb7u1 CVE ID : CVE-2014-1695 CVE-2014-2553 CVE-2014-2554 CVE-2017-14635 Debian Bug : 876462 An attacker who is logged into OTRS, a Ticket Request System, as an agent with write permissions for statistics can inject arbitrary code into the system. This can lead t...
OTRS < 3.3.18, 4.x < 4.0.25, 5.x < 5.0.23 Privilege Escalation Vulnerability
OTRS is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...
CVE-2017-14635
The CVE-2017-14635 vulnerability affects OTRS across multiple releases: 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23. Remote authenticated users with statistics-write permissions can perform code injection to gain privileges (privilege escalation). Remediation across advisories s...
CVE-2017-14635
In Open Ticket Request System OTRS 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection...
CVE-2017-14635
In Open Ticket Request System OTRS 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection...