Search
Find a vulnerability
Search criteria
8 vulnerabilities found for faq by otrs
CVE-2021-21438 (GCVE-0-2021-21438)
Vulnerability from nvd – Published: 2021-03-22 08:50 – Updated: 2024-09-17 01:46
VLAI
Title
FAQ articles are shown to users without permission
Summary
Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions.
Severity
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://otrs.com/release-notes/otrs-security-advi… | x_refsource_MISC |
Impacted products
Date Public
2021-03-22 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FAQ",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.29",
"status": "affected",
"version": "6.0.x",
"versionType": "custom"
}
]
},
{
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "7.0.24",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Christopher Theuerkauf"
}
],
"datePublic": "2021-03-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T08:50:17.000Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to OTRS 7.0.25."
}
],
"source": {
"advisory": "OSA-2021-08",
"defect": [
"2021020842001809"
],
"discovery": "USER"
},
"title": "FAQ articles are shown to users without permission",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@otrs.com",
"DATE_PUBLIC": "2021-03-22T00:00:00.000Z",
"ID": "CVE-2021-21438",
"STATE": "PUBLIC",
"TITLE": "FAQ articles are shown to users without permission"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FAQ",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "6.0.x",
"version_value": "6.0.29"
}
]
}
},
{
"product_name": "OTRS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "7.0.24"
}
]
}
}
]
},
"vendor_name": "OTRS AG"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Christopher Theuerkauf"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/",
"refsource": "MISC",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to OTRS 7.0.25."
}
],
"source": {
"advisory": "OSA-2021-08",
"defect": [
"2021020842001809"
],
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2021-21438",
"datePublished": "2021-03-22T08:50:17.683Z",
"dateReserved": "2020-12-29T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:46:15.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2637 (GCVE-0-2013-2637)
Vulnerability from nvd – Published: 2020-02-12 16:07 – Updated: 2024-08-06 15:44
VLAI
Summary
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2013-0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/58930 | x_refsource_MISC |
| http://www.exploit-db.com/exploits/24922 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | x_refsource_MISC |
Date Public
2013-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T16:07:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"name": "http://www.securityfocus.com/bid/58930",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58930"
},
{
"name": "http://www.exploit-db.com/exploits/24922",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2637",
"datePublished": "2020-02-12T16:07:19.000Z",
"dateReserved": "2013-03-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2625 (GCVE-0-2013-2625)
Vulnerability from nvd – Published: 2019-11-27 18:08 – Updated: 2024-08-06 15:44
VLAI
Summary
An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2013-0… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | x_refsource_MISC |
| http://www.securityfocus.com/bid/58936 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | x_refsource_MISC |
Date Public
2013-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T18:08:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-2625",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html",
"refsource": "MISC",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"name": "http://www.securityfocus.com/bid/58936",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58936"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2625",
"datePublished": "2019-11-27T18:08:35.000Z",
"dateReserved": "2013-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5843 (GCVE-0-2016-5843)
Vulnerability from nvd – Published: 2016-09-17 01:00 – Updated: 2024-08-06 01:15
VLAI
Summary
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.otrs.com/security-advisory-2016-01-se… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93019 | vdb-entryx_refsource_BID |
| https://github.com/OTRS/FAQ/commit/b805703e7b7725… | x_refsource_CONFIRM |
| https://github.com/OTRS/FAQ/commit/8c9d63bd0297ad… | x_refsource_CONFIRM |
| https://github.com/OTRS/FAQ/commit/3700f75c67f6ed… | x_refsource_CONFIRM |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/",
"refsource": "CONFIRM",
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93019"
},
{
"name": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"name": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"name": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5843",
"datePublished": "2016-09-17T01:00:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21438 (GCVE-0-2021-21438)
Vulnerability from cvelistv5 – Published: 2021-03-22 08:50 – Updated: 2024-09-17 01:46
VLAI
Title
FAQ articles are shown to users without permission
Summary
Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions.
Severity
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://otrs.com/release-notes/otrs-security-advi… | x_refsource_MISC |
Impacted products
Date Public
2021-03-22 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FAQ",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.29",
"status": "affected",
"version": "6.0.x",
"versionType": "custom"
}
]
},
{
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "7.0.24",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Christopher Theuerkauf"
}
],
"datePublic": "2021-03-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T08:50:17.000Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to OTRS 7.0.25."
}
],
"source": {
"advisory": "OSA-2021-08",
"defect": [
"2021020842001809"
],
"discovery": "USER"
},
"title": "FAQ articles are shown to users without permission",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@otrs.com",
"DATE_PUBLIC": "2021-03-22T00:00:00.000Z",
"ID": "CVE-2021-21438",
"STATE": "PUBLIC",
"TITLE": "FAQ articles are shown to users without permission"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FAQ",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "6.0.x",
"version_value": "6.0.29"
}
]
}
},
{
"product_name": "OTRS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "7.0.24"
}
]
}
}
]
},
"vendor_name": "OTRS AG"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Christopher Theuerkauf"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/",
"refsource": "MISC",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2021-08/"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to OTRS 7.0.25."
}
],
"source": {
"advisory": "OSA-2021-08",
"defect": [
"2021020842001809"
],
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2021-21438",
"datePublished": "2021-03-22T08:50:17.683Z",
"dateReserved": "2020-12-29T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:46:15.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2637 (GCVE-0-2013-2637)
Vulnerability from cvelistv5 – Published: 2020-02-12 16:07 – Updated: 2024-08-06 15:44
VLAI
Summary
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2013-0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/58930 | x_refsource_MISC |
| http://www.exploit-db.com/exploits/24922 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | x_refsource_MISC |
Date Public
2013-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T16:07:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"name": "http://www.securityfocus.com/bid/58930",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58930"
},
{
"name": "http://www.exploit-db.com/exploits/24922",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24922"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83288"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2637",
"datePublished": "2020-02-12T16:07:19.000Z",
"dateReserved": "2013-03-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2625 (GCVE-0-2013-2625)
Vulnerability from cvelistv5 – Published: 2019-11-27 18:08 – Updated: 2024-08-06 15:44
VLAI
Summary
An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-updates/2013-0… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | x_refsource_MISC |
| http://www.securityfocus.com/bid/58936 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | x_refsource_MISC |
Date Public
2013-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T18:08:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-2625",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2625"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html"
},
{
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html",
"refsource": "MISC",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html"
},
{
"name": "http://www.securityfocus.com/bid/58936",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58936"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2625",
"datePublished": "2019-11-27T18:08:35.000Z",
"dateReserved": "2013-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5843 (GCVE-0-2016-5843)
Vulnerability from cvelistv5 – Published: 2016-09-17 01:00 – Updated: 2024-08-06 01:15
VLAI
Summary
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.otrs.com/security-advisory-2016-01-se… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93019 | vdb-entryx_refsource_BID |
| https://github.com/OTRS/FAQ/commit/b805703e7b7725… | x_refsource_CONFIRM |
| https://github.com/OTRS/FAQ/commit/8c9d63bd0297ad… | x_refsource_CONFIRM |
| https://github.com/OTRS/FAQ/commit/3700f75c67f6ed… | x_refsource_CONFIRM |
Date Public
2016-06-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/",
"refsource": "CONFIRM",
"url": "https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/"
},
{
"name": "93019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93019"
},
{
"name": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3"
},
{
"name": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557"
},
{
"name": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9",
"refsource": "CONFIRM",
"url": "https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5843",
"datePublished": "2016-09-17T01:00:00.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}