Lucene search
K

4 matches found

NVD
NVD
added 2017/06/12 6:29 a.m.23 views

CVE-2017-9324

In Open Ticket Request System OTRS 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URL...

8.8CVSS8.7AI score0.02351EPSS
Exploits1References3
CVE
CVE
added 2017/06/12 6:0 a.m.84 views

CVE-2017-9324

The CVE-2017-9324 issue affects OTRS versions 3.3.x (up to 3.3.16), 4.x (up to 4.0.23), and 5.x (up to 5.0.19). A user with agent permissions can open a crafted URL (index.pl?Action=Installer with ;Subaction=Intro/Start/System) to gain administrative privileges, then read and modify all system se...

8.8CVSS8.5AI score0.02351EPSS
Exploits1References3Affected Software1
Debian
Debian
added 2017/06/09 6:54 p.m.28 views

[SECURITY] [DSA 3876-1] otrs2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3876-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.6AI score0.02351EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/06/08 12:0 a.m.17 views

Debian: Security Advisory (DSA-3876-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.02351EPSS
Exploits1References3
Rows per page
Query Builder