CVE-2022-32741

2022-06-1300:00:00

ubuntu.com

0.001 Low

EPSS

Percentile

31.0%

JSON

Attacker is able to determine if the provided username exists (and it’s
valid) using Request New Password feature, based on the response time.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchotrs2< anyUNKNOWN
ubuntu20.04noarchotrs2< anyUNKNOWN
ubuntu22.04noarchotrs2< anyUNKNOWN
ubuntu16.04noarchotrs2< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	otrs2	< any	UNKNOWN
ubuntu	20.04	noarch	otrs2	< any	UNKNOWN
ubuntu	22.04	noarch	otrs2	< any	UNKNOWN
ubuntu	16.04	noarch	otrs2	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2022-32741

nvd.nist.gov/vuln/detail/CVE-2022-32741

otrs.com/release-notes/otrs-security-advisory-2022-09/

security-tracker.debian.org/tracker/CVE-2022-32741

www.cve.org/CVERecord?id=CVE-2022-32741

0.001 Low

EPSS

Percentile

31.0%

JSON

Related for UB:CVE-2022-32741