
    285 vulnerabilities found for otrs by otrs

    CVE-2026-48209 (GCVE-0-2026-48209)

    Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
    Title
    Reflected XSS in authenticated agent context
    Summary
    An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.
    This issue affects OTRS:
    • 7.0.x
    Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    OTRS
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    OTRS AG ((OTRS)) Community Edition Affected: 6.x
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to William Bastos (@chor4o) for reporting this vulnerability
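    The advisory gives the delivery vector (a crafted link to a ticket action that an agent opens) but not the parameter, so the first question for a defender is whether such links have already been requested. What follows is an added example, not OTRS AG code and not part of the advisory: a hunt over web-server access logs that decodes every parameter of AgentTicket* requests (double-encoded ones included) and flags markup or script fragments. The URL shape /otrs/index.pl?Action=AgentTicket...;Param=value is the familiar OTRS one, with ';' accepted beside '&'; the parameter name Probe and the log lines themselves are constructed for the example.

```python
"""Hunt web-server access logs for reflected-XSS probes aimed at OTRS agent ticket actions.

Added example for CVE-2026-48209; not OTRS AG code and not part of the advisory.
Assumptions (the advisory does not state them):
  * agent requests look like /otrs/index.pl?Action=AgentTicket...;Param=value and OTRS
    accepts ';' as well as '&' between parameters; the vulnerable parameter is not
    named, so every parameter of every AgentTicket* action is inspected;
  * the log is in Apache/nginx "combined" format.
The log lines at the bottom are constructed, not real traffic.
"""
import re
from urllib.parse import parse_qsl, unquote_plus

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Markup or script fragments that have no legitimate place in a ticket-action parameter.
XSS_PATTERNS = (
    ("html-tag", re.compile(r"<\s*/?\s*[a-z!]", re.I)),
    ("event-handler", re.compile(r"\bon[a-z]+\s*=", re.I)),
    ("javascript-uri", re.compile(r"javascript\s*:", re.I)),
)


def fully_decode(value, max_rounds=3):
    """Undo percent-encoding repeatedly (bounded) so double-encoded payloads are not missed."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(path):
    """Return (action, parameter, pattern) hits for one request path; [] when nothing is suspicious."""
    script, _, query = path.partition("?")
    if not script.endswith("index.pl") or not query:
        return []
    # Split first, decode afterwards: decoding before splitting would let a payload
    # containing '&' or ';' masquerade as extra parameters.
    pairs = parse_qsl(query.replace(";", "&"), keep_blank_values=True)
    action = dict(pairs).get("Action", "")
    if not action.startswith("AgentTicket"):
        return []
    hits = []
    for name, raw in pairs:
        if name == "Action":
            continue
        value = fully_decode(raw)
        for label, pattern in XSS_PATTERNS:
            if pattern.search(value):
                hits.append((action, name, label))
                break
    return hits


def scan_log(lines):
    """Run inspect_request over combined-format log lines; one finding per suspicious parameter."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for action, param, label in inspect_request(m.group("path")):
            findings.append({
                "ip": m.group("ip"), "user": m.group("user"), "status": m.group("status"),
                "action": action, "param": param, "pattern": label,
            })
    return findings


# Constructed sample lines. "Probe" is a placeholder parameter name, not the one from the advisory.
SAMPLE_LOG = [
    '203.0.113.10 - agent1 [01/Jun/2026:09:12:01 +0000] "GET /otrs/index.pl?Action=AgentTicketZoom;TicketID=1234 HTTP/1.1" 200 18233 "-" "Mozilla/5.0"',
    '198.51.100.7 - agent1 [01/Jun/2026:09:13:44 +0000] "GET /otrs/index.pl?Action=AgentTicketZoom;TicketID=1234;Probe=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 18240 "-" "Mozilla/5.0"',
    '198.51.100.7 - agent1 [01/Jun/2026:09:14:02 +0000] "GET /otrs/index.pl?Action=AgentTicketPhone;Probe=%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '198.51.100.7 - agent1 [01/Jun/2026:09:14:30 +0000] "GET /otrs/index.pl?Action=AgentTicketCompose;Probe=javascript%3Aalert(1) HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '203.0.113.22 - - [01/Jun/2026:09:15:10 +0000] "GET /otrs/customer.pl?Action=CustomerTicketZoom;TicketID=99 HTTP/1.1" 200 7001 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

    The third sample line is the reason for the bounded re-decoding: the log records the request as sent, so a double-encoded payload only shows its angle brackets after two rounds. A hit means a probe was requested, not that script ran; the response status says nothing about that, and the same check applied to Referer headers would catch links that arrived through the customer interface.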

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48209",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:19:36.979966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:19:45.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eAn improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.x\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n  *  7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116 Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:28.473Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-08",
            "defect": [
              "Ticket#2026052110000287",
              "Ticket#2026041442001606"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Reflected XSS in authenticated agent context",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48209",
        "datePublished": "2026-06-01T03:32:28.473Z",
        "dateReserved": "2026-05-21T12:12:49.645Z",
        "dateUpdated": "2026-06-01T13:19:45.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48208 (GCVE-0-2026-48208)

    Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
    Title
    Denial-of-Service via SVG Rendering in Ticket
    Summary
    An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).
    This issue affects OTRS:
    • 7.0.X
    • 8.0.X
    • 2023.X
    • 2024.X
    • 2025.X
    • 2026.X before 2026.4.X
    Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-791 - Incomplete Filtering of Special Elements
    Assigner
    OTRS
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x, ≤ 2026.3.x (patch)
    OTRS AG ((OTRS)) Community Edition Affected: 6.x
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to Daniel Trizna for reporting this vulnerability

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48208",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:19:13.837405Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:19:22.939Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Agent Frontend",
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "modules": [
                "Agent Frontend",
                "External Interface"
              ],
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Daniel Triznafor reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\n\nThis issue affects OTRS:\n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-791",
                  "description": "CWE-791 Incomplete Filtering of Special Elements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:38.926Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-07/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-07",
            "defect": [
              "Ticket#2026052110000251",
              "Issue#4802"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Denial-of-Service via SVG Rendering in Ticket",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48208",
        "datePublished": "2026-06-01T03:32:38.926Z",
        "dateReserved": "2026-05-21T12:12:49.645Z",
        "dateUpdated": "2026-06-01T13:19:22.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48191 (GCVE-0-2026-48191)

    Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
    Title
    Wrong Permission Handling in Document Search Article Meta Filters
    Summary
    An incorrect handling of permissions in the Document Search Article Meta Filters modules of STORM powered by OTRS and of OTRS (2026.x and above) allows a user to learn the number of affected CIs, SLAs and services without having access to them.
    This issue affects OTRS with STORM modules:
    • 7.0.X
    • 8.0.X
    • 2023.X
    • 2024.X
    • 2025.X
    • 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    OTRS
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Unknown: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x, ≤ 2026.3.x (patch)
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48191",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:18:50.061709Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:18:59.494Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Document Search Article Meta Filters"
              ],
              "packageName": "STORM",
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS with STORM modules: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\n\nThis issue affects OTRS with STORM modules: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:47.624Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-05/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-05",
            "defect": [
              "Ticket#2026052110000189",
              "Issue#4041"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Wrong Permission Handling in Document Search Article Meta Filters",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48191",
        "datePublished": "2026-06-01T03:32:47.624Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:18:59.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48190 (GCVE-0-2026-48190)

    Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
    Title
    Incorrect handling of permissions in External Interface Config Item List module
    Summary
    An incorrect handling of permissions in the OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that the CMDB has to be enabled and CustomerGroupSupport has to be in use to be affected.
    This issue affects OTRS:
    • 7.0.X
    • 8.0.X
    • 2023.X
    • 2024.X
    • 2025.X
    • 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    OTRS
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x, ≤ 2026.3.x (patch)
    Date Public
    2026-06-01 07:00
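    The two permission findings (the meta filter counts of CVE-2026-48191 above and the External Interface CI list of this record) share a root cause: the group check was applied to the rows a caller may open, but not to everything derived from the query, or not at all on the list endpoint. What follows is an added example, not OTRS AG code; the advisories do not publish the affected code, so the CMDB, groups, services and SLAs are a constructed stand-in in the spirit of CustomerGroupSupport. It puts the leaky pattern next to the corrected one and includes a helper that lists exactly which facet values leak.

```python
"""Permission checks must cover derived data (totals, facet counts) and list endpoints, not only rows.

Added example for CVE-2026-48191 and CVE-2026-48190; not OTRS AG code. The advisories do
not publish the affected code, so this data model is a constructed stand-in: a CMDB of
config items, each owned by one group, queried by users who belong to some groups
(in the spirit of OTRS's CustomerGroupSupport). Names, services and SLAs are invented.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class ConfigItem:
    ci_id: int
    name: str
    group: str      # owning group: the permission boundary
    service: str
    sla: str


@dataclass(frozen=True)
class User:
    login: str
    groups: frozenset


CMDB = [
    ConfigItem(1, "web-01", "customers-acme", "Webshop", "Gold"),
    ConfigItem(2, "db-01", "customers-acme", "Webshop", "Gold"),
    ConfigItem(3, "mail-01", "customers-globex", "Mail", "Silver"),
    ConfigItem(4, "fw-01", "internal-ops", "Perimeter", "Platinum"),
    ConfigItem(5, "web-02", "customers-globex", "Webshop", "Silver"),
]


def _matches(ci, filters):
    return all(getattr(ci, key) == value for key, value in filters.items())


def _permitted(user, ci):
    return ci.group in user.groups


def _facets(items):
    return {"service": Counter(ci.service for ci in items), "sla": Counter(ci.sla for ci in items)}


def search_vulnerable(user, filters):
    """Leaky pattern: rows are cut down by permission, but the total and the per-service /
    per-SLA counts are built from everything the query matched, so the caller learns how
    many CIs exist behind groups they cannot open, and which services and SLAs they have."""
    matched = [ci for ci in CMDB if _matches(ci, filters)]
    rows = [ci for ci in matched if _permitted(user, ci)]
    return {"rows": rows, "total": len(matched), "facets": _facets(matched)}


def search_fixed(user, filters):
    """Corrected pattern: restrict to permitted CIs first; every derived number comes from that set."""
    visible = [ci for ci in CMDB if _permitted(user, ci) and _matches(ci, filters)]
    return {"rows": visible, "total": len(visible), "facets": _facets(visible)}


def leaked_facets(user, filters):
    """Facet values the leaky search reveals that occur in no CI the user may see."""
    bad = search_vulnerable(user, filters)["facets"]
    good = search_fixed(user, filters)["facets"]
    return {dim: sorted(set(bad[dim]) - set(good[dim])) for dim in bad}


def customer_ci_list(user):
    """External-interface style list endpoint: the same rule, applied before anything is returned."""
    return [ci.name for ci in CMDB if _permitted(user, ci)]


if __name__ == "__main__":
    alice = User("alice@acme", frozenset({"customers-acme"}))
    print("leaks:", leaked_facets(alice, {}))
    print("list:", customer_ci_list(alice))
```

    The point of leaked_facets is that the rows themselves look correct in both versions, which is why this class of bug survives functional testing: only the numbers around the rows give the other groups away. A regression test for a permission fix should therefore assert on totals and facet counts, not just on the result set.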

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:18:28.357530Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:18:37.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "External Interface",
                "ConfigItem List"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and \u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:53.621Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-04/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-04",
            "defect": [
              "Ticket#2026052110000171",
              "Issue#3939"
            ],
            "discovery": "USER"
          },
          "title": "Incorrect handling of permissions in External Interface Config Item List module",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48190",
        "datePublished": "2026-06-01T03:32:53.621Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:18:37.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48189 (GCVE-0-2026-48189)

    Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:14
    VLAI
    Title
    Bypass DedicatedAgentToCustomerGroups Setting
    Summary
    An improper input validation vulnerability in the OTRS Customer Backend module allows access to customer information that is restricted to other groups. Please note that the feature has to be enabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x , ≤ 2026.3.x (patch)
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48189",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:14:38.008285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:14:49.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Customer Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u0026nbsp;\u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u00a0CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:03.373Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-03/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-03",
            "defect": [
              "Ticket#2026052110000161",
              "Issue#3780"
            ],
            "discovery": "USER"
          },
          "title": "Bypass DedicatedAgentToCustomerGroups Setting",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48189",
        "datePublished": "2026-06-01T03:33:03.373Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:14:49.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48188 (GCVE-0-2026-48188)

    Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
    VLAI
    Title
    SQL Injection via MySQL Quote Method
    Summary
    An improper input validation vulnerability in the OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X * ((OTRS)) Community Edition: 6.0.x. Products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x , ≤ 2026.3.x (patch)
    OTRS AG ((OTRS)) Community Edition Affected: 6.x
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to Daniel Trizna for reporting this vulnerability

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48188",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:17:22.840595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:17:31.447Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Database Layer"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Daniel Triznafor reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u0026nbsp;database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u0026nbsp;the MySQL/MariaDB server is configured with the \u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL mode.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003cli\u003e(OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u00a0database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u00a0the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n  *  (OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:15.822Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-02/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-02",
            "defect": [
              "Ticket#2026052110000134",
              "Issue#4824",
              "Issue#4859"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "SQL Injection via MySQL Quote Method",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Reconfigure\u0026nbsp;MySQL/MariaDB servernot to use\u0026nbsp;\u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL"
                }
              ],
              "value": "Reconfigure\u00a0MySQL/MariaDB servernot to use\u00a0NO_BACKSLASH_ESCAPES SQL"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48188",
        "datePublished": "2026-06-01T03:33:15.822Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:17:31.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48187 (GCVE-0-2026-48187)

    Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
    VLAI
    Title
    Email with special content can lead to DoS
    Summary
    An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation, which may cause the web server to abort. This issue affects OTRS: * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X. Please note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Unknown: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x , ≤ 2026.3.x (patch)
    OTRS AG ((OTRS)) Community Edition Unknown: 6.x
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48187",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:16:53.155447Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:17:04.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Mail Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "6.x"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
                }
              ],
              "value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:\n\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:23.990Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-06/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-06",
            "defect": [
              "Ticket#2026052110000214",
              "Issue#3890"
            ],
            "discovery": "USER"
          },
          "title": "Email with special content can lead to DoS",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48187",
        "datePublished": "2026-06-01T03:33:23.990Z",
        "dateReserved": "2026-05-21T07:53:13.253Z",
        "dateUpdated": "2026-06-01T13:17:04.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48210 (GCVE-0-2026-48210)

    Vulnerability from nvd – Published: 2026-05-31 21:11 – Updated: 2026-06-01 13:24
    VLAI
    Title
    Possible information disclosure via External Interface
    Summary
    An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevents users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend. This issue affects OTRS 2026.3.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 2026.3.1
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48210",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:24:29.483981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:24:39.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "2026.3.1"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eAn improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects OTRS 2026.3.1\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\n\nThis issue affects OTRS 2026.3.1"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            },
            {
              "capecId": "CAPEC-180",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:42.079Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-09/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to latest version of OTRS (2026.4.1. or later).\u003cbr\u003e"
                }
              ],
              "value": "Update to latest version of OTRS (2026.4.1. or later)."
            }
          ],
          "source": {
            "advisory": "OSA-2026-09",
            "defect": [
              "Ticket#2026052110000321",
              "Issue#4853"
            ],
            "discovery": "USER"
          },
          "title": "Possible information disclosure via External Interface",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u0026nbsp;You will find that by Is visible for customer is a line Disabled: 1. Change it to\u0026nbsp;Disabled to 0 or remove it.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003cb\u003eCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed\u003c/b\u003e"
                }
              ],
              "value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u00a0You will find that by Is visible for customer is a line Disabled: 1. Change it to\u00a0Disabled to 0 or remove it.\u00a0\n\nCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48210",
        "datePublished": "2026-05-31T21:11:25.337Z",
        "dateReserved": "2026-05-21T12:12:49.646Z",
        "dateUpdated": "2026-06-01T13:24:39.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24387 (GCVE-0-2025-24387)

    Vulnerability from nvd – Published: 2025-03-10 09:28 – Updated: 2025-03-10 13:12
    Title
    Missing CSRF protection
    Summary
    A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possibly malicious web site would send the authentication cookie, performing an unwanted read operation. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1275 - Sensitive Cookie with Improper SameSite Attribute
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x , ≤ 2025.1.2 (Patch)
    Date Public
    2025-03-10 08:00
    Credits
    Special thanks to Alissa Kim for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-10T13:12:24.747437Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-10T13:12:40.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Application Server"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "lessThanOrEqual": "2025.1.2",
                  "status": "affected",
                  "version": "2025.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Special thanks to Alissa Kim for reporting this vulnerability."
            }
          ],
          "datePublic": "2025-03-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\u003cbr\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.x \u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\n\u00a0\n\nThis issue affects:\n\n  *  OTRS 7.0.X\n  *  OTRS 8.0.X\n  *  OTRS 2023.X\n  *  OTRS 2024.X\n  *  OTRS 2025.x"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-593",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-593 Session Hijacking"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1275",
                  "description": "CWE-1275: Sensitive Cookie with Improper SameSite Attribute",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-10T09:28:31.053Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2025-05",
            "defect": [
              "Issue#3080",
              "Ticket#2024110542002023"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Missing CSRF protection",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2025-24387",
        "datePublished": "2025-03-10T09:28:31.053Z",
        "dateReserved": "2025-01-21T09:09:58.720Z",
        "dateUpdated": "2025-03-10T13:12:40.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6540 (GCVE-0-2024-6540)

    Vulnerability from nvd – Published: 2024-07-15 07:13 – Updated: 2024-08-01 21:41
    Title
    Information exposure in external interface
    Summary
    Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator. This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-790 - Improper Filtering of Special Elements
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x , ≤ 2024.4.x (Patch)
    Date Public
    2024-07-15 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:10:12.804749Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T13:10:28.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:03.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "External interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "lessThanOrEqual": "2024.4.x",
                  "status": "affected",
                  "version": "2024.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\u003cbr\u003e\u003cp\u003eThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\u003c/p\u003e"
                }
              ],
              "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-790",
                  "description": "CWE-790 Improper Filtering of Special Elements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T10:41:47.335Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2024.5.2\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2024.5.2\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-07",
            "defect": [
              "Issue##2638",
              "Ticket#2024070142001245"
            ],
            "discovery": "USER"
          },
          "title": "Information exlosure in external interface",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Have TicketSearchLegacyEngine enabled\u003cbr\u003e"
                }
              ],
              "value": "Have TicketSearchLegacyEngine enabled\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-6540",
        "datePublished": "2024-07-15T07:13:49.918Z",
        "dateReserved": "2024-07-08T07:35:49.064Z",
        "dateUpdated": "2024-08-01T21:41:03.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23794 (GCVE-0-2024-23794)

    Vulnerability from nvd – Published: 2024-07-15 07:14 – Updated: 2024-08-01 23:13
    Title
    Agents are able to lock the ticket without the "Owner" permission
    Summary
    An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration. This issue affects OTRS: * 8.0.X * 2023.X * from 2024.X through 2024.4.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x , ≤ 2024.4.x (Patch)
    Date Public
    2024-07-15 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23794",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T14:46:31.889829Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T14:27:36.468Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.432Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "inline editing"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "lessThanOrEqual": "2024.4.x",
                  "status": "affected",
                  "version": "2024.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\u003cbr\u003e\u003ch2\u003e\u003cbr\u003e\u003c/h2\u003e\u003cbr\u003e"
                }
              ],
              "value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\n\n"
            }
          ],
          "datePublic": "2024-07-15T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.\u003cp\u003eThis issue affects OTRS:\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003efrom 2024.X through 2024.4.x\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.This issue affects OTRS:\u00a0\n\n  *  8.0.X\n  *  2023.X\n  *  from 2024.X through 2024.4.x\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T10:41:01.694Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2024.5.2\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2024.5.2\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-06",
            "defect": [
              "Issue#2409",
              "Ticket#2024042342000433"
            ],
            "discovery": "USER"
          },
          "title": "Agents are able to lock the ticket without the \"Owner\" permission",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\u003cbr\u003e"
                }
              ],
              "value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23794",
        "datePublished": "2024-07-15T07:14:09.557Z",
        "dateReserved": "2024-01-22T10:32:00.705Z",
        "dateUpdated": "2024-08-01T23:13:07.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23792 (GCVE-0-2024-23792)

    Vulnerability from nvd – Published: 2024-01-29 09:20 – Updated: 2024-11-12 21:47
    Title
    Insufficient access control
    Summary
    When adding attachments to ticket comments, another user can add attachments as well, impersonating the original user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x , ≤ 7.0.48 (Patch)
    Affected: 8.0.x , ≤ 8.0.37 (Patch)
    Affected: 2023.x , ≤ 2023.1.1 (Patch)
    Date Public
    2024-01-29 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-03/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23792",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-12T21:46:29.598781Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T21:47:04.433Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "internal API"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eWhen adding attachments to ticket comments, \nanother user can add attachments as well impersonating the orginal user. The attack requires a \nlogged-in other user to know the UUID. While the legitimate user \ncompletes the comment, the malicious user can add more files to the \ncomment.\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "When adding attachments to ticket comments, \nanother user can add attachments as well impersonating the orginal user. The attack requires a \nlogged-in other user to know the UUID. While the legitimate user \ncompletes the comment, the malicious user can add more files to the \ncomment.\n\nThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-194",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-194 Fake the Source of Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:20:40.920Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-03/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003c/div\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-03",
            "defect": [
              "Issue#1392",
              "Ticket#2023083042000825"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Insufficient access control",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23792",
        "datePublished": "2024-01-29T09:20:06.829Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2024-11-12T21:47:04.433Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23791 (GCVE-0-2024-23791)

    Vulnerability from nvd – Published: 2024-01-29 09:21 – Updated: 2025-05-29 15:10
    VLAI
    Title
    Unnecessary data is written to log if issues occur during indexing
    Summary
    Insertion of debug information into the log file while building the Elasticsearch index allows reading of sensitive information from articles. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    References
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected versions: 7.0.x (≤ 7.0.48, Patch); 8.0.x (≤ 8.0.37, Patch); 2023.x (≤ 2023.1.1, Patch)
    Date Public
    2024-01-29 08:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-02/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:50:47.563428Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:10:14.868Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Log Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.\u003cp\u003eThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-545",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-545 Pull Data from System Resources"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:21:00.278Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-02/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-02",
            "defect": [
              "Issue#1224",
              "Ticket#2021091742001128"
            ],
            "discovery": "USER"
          },
          "title": "Unnecessary data is written to log if issues during indexing occurs",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23791",
        "datePublished": "2024-01-29T09:21:00.278Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2025-05-29T15:10:14.868Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23790 (GCVE-0-2024-23790)

    Vulnerability from nvd – Published: 2024-01-29 09:21 – Updated: 2025-06-17 21:29
    VLAI
    Title
    Missing file type check in avatar picture upload
    Summary
    Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse because file types are not checked. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected versions: 8.0.x (≤ 8.0.37, Patch); 2023 (≤ 2023.1.1, Patch); 7.0.x (≤ 7.0.48, Patch)
    Date Public
    2024-01-29 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.512Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-01/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23790",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T13:20:27.471691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:17.700Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Agent Interface",
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.\u003cbr\u003e\u003cp\u003eThis issue affects OTRS:  from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.\nThis issue affects OTRS:  from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-212",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-212 Functionality Misuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:21:14.996Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-01/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-01",
            "defect": [
              "Ticket#2023083042000825",
              "Issue#1306"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Missing file type check in avatar picture upload",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23790",
        "datePublished": "2024-01-29T09:21:14.996Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2025-06-17T21:29:17.700Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6254 (GCVE-0-2023-6254)

    Vulnerability from nvd – Published: 2023-11-27 09:44 – Updated: 2024-10-15 17:45
    VLAI
    Title
    Password is sent back to client
    Summary
    A vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords, which are sent back to the client in the server response. This issue affects OTRS: from 8.0.X through 8.0.37.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected versions: 8.0.x (≤ 8.0.37, Patch)
    Date Public
    2023-11-27 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:28:20.391Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-11/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6254",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:15:14.848049Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:45:11.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "AgentInterface",
                "ExternalInterface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2023-11-27T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-\u003cbr\u003e\u003cp\u003eThis issue affects OTRS: from 8.0.X through 8.0.37.\u003c/p\u003e"
                }
              ],
              "value": "A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-\nThis issue affects OTRS: from 8.0.X through 8.0.37.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-555",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-555 Remote Services with Stolen Credentials"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-27T09:44:00.273Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-11/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS Patch 2023.1.1\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2023.1.1\n"
            }
          ],
          "source": {
            "advisory": "OSA-2023-11",
            "defect": [
              "Issue#1390",
              "Ticket#2023083042000825"
            ],
            "discovery": "USER"
          },
          "title": "Password is send back to client",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2023-6254",
        "datePublished": "2023-11-27T09:44:00.273Z",
        "dateReserved": "2023-11-22T12:14:39.322Z",
        "dateUpdated": "2024-10-15T17:45:11.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-48187 (GCVE-0-2026-48187)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
    VLAI
    Title
    Email with special content can lead to DoS
    Summary
    An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation, which may cause the web server to abort. This issue affects OTRS:
    • 8.0.X
    • 2023.X
    • 2024.X
    • 2025.X
    • 2026.X before 2026.4.X
    Please note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Unknown: 7.0.x
    Affected versions: 8.0.x; 2023.x; 2024.x; 2025.x; 2026.x (≤ 2026.3.x, patch)
    Vendor: OTRS AG
    Product: ((OTRS)) Community Edition
    Unknown: 6.x
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48187",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:16:53.155447Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:17:04.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Mail Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "6.x"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
                }
              ],
              "value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:\n\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:23.990Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-06/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-06",
            "defect": [
              "Ticket#2026052110000214",
              "Issue#3890"
            ],
            "discovery": "USER"
          },
          "title": "Email with special content can lead to DoS",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48187",
        "datePublished": "2026-06-01T03:33:23.990Z",
        "dateReserved": "2026-05-21T07:53:13.253Z",
        "dateUpdated": "2026-06-01T13:17:04.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48188 (GCVE-0-2026-48188)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
    VLAI
    Title
    SQL Injection via MySQL Quote Method
    Summary
    An improper Input Validation vulnerability in the OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition are also very likely to be affected
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor    Product                     Version
    OTRS AG   OTRS                        Affected: 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, 2026.x (≤ 2026.3.x, patch)
    OTRS AG   ((OTRS)) Community Edition  Affected: 6.x
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to Daniel Trizna for reporting this vulnerability

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48188",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:17:22.840595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:17:31.447Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Database Layer"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Daniel Triznafor reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u0026nbsp;database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u0026nbsp;the MySQL/MariaDB server is configured with the \u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL mode.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003cli\u003e(OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u00a0database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u00a0the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n  *  (OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:15.822Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-02/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-02",
            "defect": [
              "Ticket#2026052110000134",
              "Issue#4824",
              "Issue#4859"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "SQL Injection via MySQL Quote Method",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Reconfigure\u0026nbsp;MySQL/MariaDB servernot to use\u0026nbsp;\u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL"
                }
              ],
              "value": "Reconfigure\u00a0MySQL/MariaDB servernot to use\u00a0NO_BACKSLASH_ESCAPES SQL"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48188",
        "datePublished": "2026-06-01T03:33:15.822Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:17:31.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48189 (GCVE-0-2026-48189)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:14
    VLAI
    Title
    Bypass DedicatedAgentToCustomerGroups Setting
    Summary
    An improper Input Validation vulnerability in the OTRS Customer Backend module allows access to customer information that is restricted to other groups. Please note that the feature has to be enabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor    Product   Version
    OTRS AG   OTRS      Affected: 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, 2026.x (≤ 2026.3.x, patch)
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48189",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:14:38.008285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:14:49.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Customer Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u0026nbsp;\u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u00a0CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:03.373Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-03/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-03",
            "defect": [
              "Ticket#2026052110000161",
              "Issue#3780"
            ],
            "discovery": "USER"
          },
          "title": "Bypass DedicatedAgentToCustomerGroups Setting",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48189",
        "datePublished": "2026-06-01T03:33:03.373Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:14:49.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48190 (GCVE-0-2026-48190)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
    VLAI
    Title
    Incorrect handling of permissions in External Interface Config Item List module
    Summary
    An incorrect handling of permissions in the OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be enabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor    Product   Version
    OTRS AG   OTRS      Affected: 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, 2026.x (≤ 2026.3.x, patch)
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:18:28.357530Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:18:37.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "External Interface",
                "ConfigItem List"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and \u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:53.621Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-04/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-04",
            "defect": [
              "Ticket#2026052110000171",
              "Issue#3939"
            ],
            "discovery": "USER"
          },
          "title": "Incorrect handling of permissions in External Interface Config Item List module",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48190",
        "datePublished": "2026-06-01T03:32:53.621Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:18:37.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48191 (GCVE-0-2026-48191)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
    VLAI
    Title
    Wrong Permission Handling in Document Search Article Meta Filters
    Summary
    An incorrect handling of permissions in STORM powered by OTRS and in the OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about the number of affected CIs, SLAs and services without gaining access to them. This issue affects OTRS with STORM modules: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    Impacted products
    Vendor    Product   Version
    OTRS AG   OTRS      Unknown: 7.0.x; Affected: 8.0.x, 2023.x, 2024.x, 2025.x, 2026.x (≤ 2026.3.x, patch)
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48191",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:18:50.061709Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:18:59.494Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Document Search Article Meta Filters"
              ],
              "packageName": "STORM",
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "unknown",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS with STORM modules: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\n\nThis issue affects OTRS with STORM modules: \n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:47.624Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-05/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-05",
            "defect": [
              "Ticket#2026052110000189",
              "Issue#4041"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Wrong Permission Handling in Document Search Article Meta Filters",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48191",
        "datePublished": "2026-06-01T03:32:47.624Z",
        "dateReserved": "2026-05-21T07:53:13.254Z",
        "dateUpdated": "2026-06-01T13:18:59.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48208 (GCVE-0-2026-48208)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
    Title
    Denial-of-Service via SVG Rendering in Ticket
    Summary
    An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP). This issue affects OTRS:
    * 7.0.X
    * 8.0.X
    * 2023.X
    * 2024.X
    * 2025.X
    * 2026.X before 2026.4.X
    Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-791 - Incomplete Filtering of Special Elements
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x
    Affected: 2026.x, ≤ 2026.3.x (patch)
    OTRS AG ((OTRS)) Community Edition Affected: 6.x
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to Daniel Trizna for reporting this vulnerability

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48208",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:19:13.837405Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:19:22.939Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Agent Frontend",
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "status": "affected",
                  "version": "2025.x"
                },
                {
                  "lessThanOrEqual": "2026.3.x",
                  "status": "affected",
                  "version": "2026.x",
                  "versionType": "patch"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "modules": [
                "Agent Frontend",
                "External Interface"
              ],
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Daniel Triznafor reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\n\nThis issue affects OTRS:\n\n  *  7.0.X\n  *  8.0.X\n  *  2023.X\n  *  2024.X\n  *  2025.X\n  *  2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-791",
                  "description": "CWE-791 Incomplete Filtering of Special Elements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:38.926Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-07/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-07",
            "defect": [
              "Ticket#2026052110000251",
              "Issue#4802"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Denial-of-Service via SVG Rendering in Ticket",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48208",
        "datePublished": "2026-06-01T03:32:38.926Z",
        "dateReserved": "2026-05-21T12:12:49.645Z",
        "dateUpdated": "2026-06-01T13:19:22.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48209 (GCVE-0-2026-48209)

    Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
    Title
    Reflected XSS in authenticated agent context
    Summary
    An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened. This issue affects OTRS:
    * 7.0.x
    Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition are also very likely to be affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-116 - Improper Encoding or Escaping of Output
    Assigner
    Impacted products
    Date Public
    2026-06-01 07:00
    Credits
    Special thanks to William Bastos (@chor4o) for reporting this vulnerability

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48209",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:19:36.979966Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:19:45.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "((OTRS)) Community Edition",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eAn improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.x\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
                }
              ],
              "value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n  *  7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "CWE-116 Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:32:28.473Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2026-08",
            "defect": [
              "Ticket#2026052110000287",
              "Ticket#2026041442001606"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Reflected XSS in authenticated agent context",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48209",
        "datePublished": "2026-06-01T03:32:28.473Z",
        "dateReserved": "2026-05-21T12:12:49.645Z",
        "dateUpdated": "2026-06-01T13:19:45.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48210 (GCVE-0-2026-48210)

    Vulnerability from cvelistv5 – Published: 2026-05-31 21:11 – Updated: 2026-06-01 13:24
    Title
    Possible information disclosure via External Interface
    Summary
    An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevents users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend. This issue affects OTRS 2026.3.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 2026.3.1
    Date Public
    2026-06-01 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48210",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:24:29.483981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:24:39.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "2026.3.1"
                }
              ]
            }
          ],
          "datePublic": "2026-06-01T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eAn improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects OTRS 2026.3.1\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\n\nThis issue affects OTRS 2026.3.1"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            },
            {
              "capecId": "CAPEC-180",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T03:33:42.079Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-09/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to latest version of OTRS (2026.4.1. or later).\u003cbr\u003e"
                }
              ],
              "value": "Update to latest version of OTRS (2026.4.1. or later)."
            }
          ],
          "source": {
            "advisory": "OSA-2026-09",
            "defect": [
              "Ticket#2026052110000321",
              "Issue#4853"
            ],
            "discovery": "USER"
          },
          "title": "Possible information disclosure via External Interface",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u0026nbsp;You will find that by Is visible for customer is a line Disabled: 1. Change it to\u0026nbsp;Disabled to 0 or remove it.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003cb\u003eCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed\u003c/b\u003e"
                }
              ],
              "value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u00a0You will find that by Is visible for customer is a line Disabled: 1. Change it to\u00a0Disabled to 0 or remove it.\u00a0\n\nCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2026-48210",
        "datePublished": "2026-05-31T21:11:25.337Z",
        "dateReserved": "2026-05-21T12:12:49.646Z",
        "dateUpdated": "2026-06-01T13:24:39.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24387 (GCVE-0-2025-24387)

    Vulnerability from cvelistv5 – Published: 2025-03-10 09:28 – Updated: 2025-03-10 13:12
    Title
    Missing CSRF protection
    Summary
    A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possibly malicious web site would send the authentication cookie, performing an unwanted read operation. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1275 - Sensitive Cookie with Improper SameSite Attribute
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 7.0.x
    Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x
    Affected: 2025.x , ≤ 2025.1.2 (Patch)
    Date Public
    2025-03-10 08:00
    Credits
    Special thanks to Alissa Kim for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-10T13:12:24.747437Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-10T13:12:40.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "modules": [
                "Application Server"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.x"
                },
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "status": "affected",
                  "version": "2024.x"
                },
                {
                  "lessThanOrEqual": "2025.1.2",
                  "status": "affected",
                  "version": "2025.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Special thanks to Alissa Kim for reporting this vulnerability."
            }
          ],
          "datePublic": "2025-03-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\u003cbr\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.x \u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\n\u00a0\n\nThis issue affects:\n\n  *  OTRS 7.0.X\n  *  OTRS 8.0.X\n  *  OTRS 2023.X\n  *  OTRS 2024.X\n  *  OTRS 2025.x"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-593",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-593 Session Hijacking"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1275",
                  "description": "CWE-1275: Sensitive Cookie with Improper SameSite Attribute",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-10T09:28:31.053Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches"
            }
          ],
          "source": {
            "advisory": "OSA-2025-05",
            "defect": [
              "Issue#3080",
              "Ticket#2024110542002023"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Missing CSRF protection",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2025-24387",
        "datePublished": "2025-03-10T09:28:31.053Z",
        "dateReserved": "2025-01-21T09:09:58.720Z",
        "dateUpdated": "2025-03-10T13:12:40.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23794 (GCVE-0-2024-23794)

    Vulnerability from cvelistv5 – Published: 2024-07-15 07:14 – Updated: 2024-08-01 23:13
    Title
    Agents are able to lock the ticket without the "Owner" permission
    Summary
    An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration. This issue affects OTRS: * 8.0.X * 2023.X * from 2024.X through 2024.4.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x , ≤ 2024.4.x (Patch)
    Date Public
    2024-07-15 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23794",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T14:46:31.889829Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T14:27:36.468Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.432Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "inline editing"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "lessThanOrEqual": "2024.4.x",
                  "status": "affected",
                  "version": "2024.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\u003cbr\u003e\u003ch2\u003e\u003cbr\u003e\u003c/h2\u003e\u003cbr\u003e"
                }
              ],
              "value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\n\n"
            }
          ],
          "datePublic": "2024-07-15T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.\u003cp\u003eThis issue affects OTRS:\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003efrom 2024.X through 2024.4.x\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.This issue affects OTRS:\u00a0\n\n  *  8.0.X\n  *  2023.X\n  *  from 2024.X through 2024.4.x\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T10:41:01.694Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2024.5.2\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2024.5.2\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-06",
            "defect": [
              "Issue#2409",
              "Ticket#2024042342000433"
            ],
            "discovery": "USER"
          },
          "title": "Agents are able to lock the ticket without the \"Owner\" permission",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\u003cbr\u003e"
                }
              ],
              "value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23794",
        "datePublished": "2024-07-15T07:14:09.557Z",
        "dateReserved": "2024-01-22T10:32:00.705Z",
        "dateUpdated": "2024-08-01T23:13:07.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6540 (GCVE-0-2024-6540)

    Vulnerability from cvelistv5 – Published: 2024-07-15 07:13 – Updated: 2024-08-01 21:41
    Title
    Information exposure in external interface
    Summary
    Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator. This issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-790 - Improper Filtering of Special Elements
    Assigner
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 8.0.x
    Affected: 2023.x
    Affected: 2024.x , ≤ 2024.4.x (Patch)
    Date Public
    2024-07-15 07:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:10:12.804749Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T13:10:28.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:03.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "External interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.x"
                },
                {
                  "status": "affected",
                  "version": "2023.x"
                },
                {
                  "lessThanOrEqual": "2024.4.x",
                  "status": "affected",
                  "version": "2024.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\u003cbr\u003e\u003cp\u003eThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\u003c/p\u003e"
                }
              ],
              "value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-54",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-54 Query System for Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-790",
                  "description": "CWE-790 Improper Filtering of Special Elements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T10:41:47.335Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS 2024.5.2\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS 2024.5.2\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-07",
            "defect": [
              "Issue##2638",
              "Ticket#2024070142001245"
            ],
            "discovery": "USER"
          },
          "title": "Information exlosure in external interface",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Have TicketSearchLegacyEngine enabled\u003cbr\u003e"
                }
              ],
              "value": "Have TicketSearchLegacyEngine enabled\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-6540",
        "datePublished": "2024-07-15T07:13:49.918Z",
        "dateReserved": "2024-07-08T07:35:49.064Z",
        "dateUpdated": "2024-08-01T21:41:03.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23790 (GCVE-0-2024-23790)

    Vulnerability from cvelistv5 – Published: 2024-01-29 09:21 – Updated: 2025-06-17 21:29
    Title
    Missing file type check in avatar picture upload
    Summary
    Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    OTRS AG OTRS Affected: 8.0.x , ≤ 8.0.37 (Patch)
    Affected: 2023 , ≤ 2023.1.1 (Patch)
    Affected: 7.0.x , ≤ 7.0.48 (Patch)
    Date Public
    2024-01-29 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.512Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-01/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23790",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T13:20:27.471691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:17.700Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Agent Interface",
                "External Interface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.\u003cbr\u003e\u003cp\u003eThis issue affects OTRS:  from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.\nThis issue affects OTRS:  from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-212",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-212 Functionality Misuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:21:14.996Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-01/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-01",
            "defect": [
              "Ticket#2023083042000825",
              "Issue#1306"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Missing file type check in avatar picture upload",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23790",
        "datePublished": "2024-01-29T09:21:14.996Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2025-06-17T21:29:17.700Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23791 (GCVE-0-2024-23791)

    Vulnerability from cvelistv5 – Published: 2024-01-29 09:21 – Updated: 2025-05-29 15:10
    Title
    Unnecessary data is written to the log if issues occur during indexing
    Summary
    Insertion of debug information into the log file while building the Elasticsearch index allows reading of sensitive information from articles. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected: 7.0.x, ≤ 7.0.48 (Patch)
    Affected: 8.0.x, ≤ 8.0.37 (Patch)
    Affected: 2023.x, ≤ 2023.1.1 (Patch)
    Date Public
    2024-01-29 08:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-02/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23791",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:50:47.563428Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:10:14.868Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "modules": [
                "Log Backend"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.\u003cp\u003eThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-545",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-545 Pull Data from System Resources"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:21:00.278Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-02/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003c/div\u003e\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-02",
            "defect": [
              "Issue#1224",
              "Ticket#2021091742001128"
            ],
            "discovery": "USER"
          },
          "title": "Unnecessary data is written to log if issues during indexing occurs",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23791",
        "datePublished": "2024-01-29T09:21:00.278Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2025-05-29T15:10:14.868Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23792 (GCVE-0-2024-23792)

    Vulnerability from cvelistv5 – Published: 2024-01-29 09:20 – Updated: 2024-11-12 21:47
    Title
    Insufficient access control
    Summary
    When adding attachments to ticket comments, another user can add attachments as well, impersonating the original user. The attack requires another logged-in user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected: 7.0.x, ≤ 7.0.48 (Patch)
    Affected: 8.0.x, ≤ 8.0.37 (Patch)
    Affected: 2023.x, ≤ 2023.1.1 (Patch)
    Date Public
    2024-01-29 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:13:07.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-03/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23792",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-12T21:46:29.598781Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T21:47:04.433Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "internal API"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.48",
                  "status": "affected",
                  "version": "7.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                },
                {
                  "lessThanOrEqual": "2023.1.1",
                  "status": "affected",
                  "version": "2023.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2024-01-29T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eWhen adding attachments to ticket comments, \nanother user can add attachments as well impersonating the orginal user. The attack requires a \nlogged-in other user to know the UUID. While the legitimate user \ncompletes the comment, the malicious user can add more files to the \ncomment.\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\u003c/p\u003e"
                }
              ],
              "value": "When adding attachments to ticket comments, \nanother user can add attachments as well impersonating the orginal user. The attack requires a \nlogged-in other user to know the UUID. While the legitimate user \ncompletes the comment, the malicious user can add more files to the \ncomment.\n\nThis issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-194",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-194 Fake the Source of Data"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-29T09:20:40.920Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-03/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eUpdate to OTRS Patch 2024.1.1\u003c/div\u003e\u003cdiv\u003eUpdate to OTRS 7.0.49 (Long Term Support Users)\u003c/div\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2024.1.1\n\nUpdate to OTRS 7.0.49 (Long Term Support Users)\n\n"
            }
          ],
          "source": {
            "advisory": "OSA-2024-03",
            "defect": [
              "Issue#1392",
              "Ticket#2023083042000825"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Insufficient access control",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2024-23792",
        "datePublished": "2024-01-29T09:20:06.829Z",
        "dateReserved": "2024-01-22T10:32:00.704Z",
        "dateUpdated": "2024-11-12T21:47:04.433Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-6254 (GCVE-0-2023-6254)

    Vulnerability from cvelistv5 – Published: 2023-11-27 09:44 – Updated: 2024-10-15 17:45
    Title
    Password is sent back to client
    Summary
    A vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain-text passwords, which are sent back to the client in the server response. This issue affects OTRS: from 8.0.X through 8.0.37.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Impacted products
    Vendor: OTRS AG
    Product: OTRS
    Affected: 8.0.x, ≤ 8.0.37 (Patch)
    Date Public
    2023-11-27 08:00
    Credits
    Special thanks to Matthias Püschel for reporting this vulnerability.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:28:20.391Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-11/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6254",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:15:14.848049Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-15T17:45:11.912Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "AgentInterface",
                "ExternalInterface"
              ],
              "product": "OTRS",
              "vendor": "OTRS AG",
              "versions": [
                {
                  "lessThanOrEqual": "8.0.37",
                  "status": "affected",
                  "version": "8.0.x",
                  "versionType": "Patch"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Special thanks to Matthias P\u00fcschel for reporting these vulnerability."
            }
          ],
          "datePublic": "2023-11-27T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-\u003cbr\u003e\u003cp\u003eThis issue affects OTRS: from 8.0.X through 8.0.37.\u003c/p\u003e"
                }
              ],
              "value": "A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-\nThis issue affects OTRS: from 8.0.X through 8.0.37.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-555",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-555 Remote Services with Stolen Credentials"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-27T09:44:00.273Z",
            "orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
            "shortName": "OTRS"
          },
          "references": [
            {
              "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-11/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to OTRS Patch 2023.1.1\u003cbr\u003e"
                }
              ],
              "value": "Update to OTRS Patch 2023.1.1\n"
            }
          ],
          "source": {
            "advisory": "OSA-2023-11",
            "defect": [
              "Issue#1390",
              "Ticket#2023083042000825"
            ],
            "discovery": "USER"
          },
          "title": "Password is send back to client",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
        "assignerShortName": "OTRS",
        "cveId": "CVE-2023-6254",
        "datePublished": "2023-11-27T09:44:00.273Z",
        "dateReserved": "2023-11-22T12:14:39.322Z",
        "dateUpdated": "2024-10-15T17:45:11.912Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }