Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2020/01/30 12:0 a.m.34 views

Debian DLA-2079-1 : otrs2 security update

Several vulnerabilities have been discovered in the otrs2 package that may lead to unauthorized access, remote code execution and spoofing. CVE-2020-1765 An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward,...

6.1CVSS6.5AI score0.01499EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/30 12:0 a.m.44 views

Debian: Security Advisory (DLA-2079-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.7AI score0.01499EPSS
Exploits0References3
Debian
Debian
added 2020/01/29 12:0 p.m.40 views

[SECURITY] [DLA 2079-1] otrs2 security update

Package : otrs2 Version : 3.3.18-1+deb8u13 CVE ID : CVE-2020-1765 CVE-2020-1766 CVE-2020-1767 Several vulnerabilities have been discovered in the otrs2 package that may lead to unauthorized access, remote code execution and spoofing. CVE-2020-1765 An improper control of parameters allows the...

6.1CVSS6.7AI score0.01499EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/13 12:0 a.m.67 views

OTRS 6.0.x < 6.0.25, 7.0.x < 7.0.14 Message Vulnerability

OTRS is prone to a vulnerability where it is possible to send drafted messages as wrong agent. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS3.8AI score0.01241EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/01/10 3:15 p.m.23 views

CVE-2020-1767

Agent A is able to save a draft i.e. for customer reply. Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: OTRS Community Edition 6.0.x version...

4.3CVSS6.3AI score0.01241EPSS
Exploits0References2
CVE
CVE
added 2020/01/10 3:9 p.m.136 views

CVE-2020-1767

CVE-2020-1767 affects OTRS Community Edition 6.0.x (up to 6.0.24) and OTRS 7.0.x (up to 7.0.13). Description: Agent A can save a draft; Agent B can open it, modify the text, and send it as Agent A, so customers see a message sent by the original agent. Debian/Nessus advisories indicate patches: u...

4.3CVSS4.6AI score0.01241EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/01/10 3:9 p.m.29 views

CVE-2020-1767 Possible to send drafted messages as wrong agent

Agent A is able to save a draft i.e. for customer reply. Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: OTRS Community Edition 6.0.x version...

3.5CVSS5.2AI score0.01241EPSS
Exploits0References3
Rows per page
Query Builder