Search criteria
150 vulnerabilities found for OTRS by OTRS AG
CVE-2026-48209 (GCVE-0-2026-48209)
Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
VLAI
Title
Reflected XSS in authenticated agent context
Summary
An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.
This issue affects OTRS:
* 7.0.x
Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
|
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:19:36.979966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:19:45.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
}
]
},
{
"defaultStatus": "affected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.x\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n * 7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:28.473Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-08",
"defect": [
"Ticket#2026052110000287",
"Ticket#2026041442001606"
],
"discovery": "EXTERNAL"
},
"title": "Reflected XSS in authenticated agent context",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48209",
"datePublished": "2026-06-01T03:32:28.473Z",
"dateReserved": "2026-05-21T12:12:49.645Z",
"dateUpdated": "2026-06-01T13:19:45.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48208 (GCVE-0-2026-48208)
Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
VLAI
Title
Denial-of-Service via SVG Rendering in Ticket
Summary
An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:19:13.837405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:19:22.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Agent Frontend",
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "affected",
"modules": [
"Agent Frontend",
"External Interface"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Daniel Triznafor reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\n\nThis issue affects OTRS:\n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-791",
"description": "CWE-791 Incomplete Filtering of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:38.926Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-07/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-07",
"defect": [
"Ticket#2026052110000251",
"Issue#4802"
],
"discovery": "EXTERNAL"
},
"title": "Denial-of-Service via SVG Rendering in Ticket",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48208",
"datePublished": "2026-06-01T03:32:38.926Z",
"dateReserved": "2026-05-21T12:12:49.645Z",
"dateUpdated": "2026-06-01T13:19:22.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48191 (GCVE-0-2026-48191)
Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
VLAI
Title
Wrong Permission Handling in Document Search Article Meta Filters
Summary
An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.
This issue affects OTRS with STORM modules:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:18:50.061709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:18:59.494Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Document Search Article Meta Filters"
],
"packageName": "STORM",
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS with STORM modules: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\n\nThis issue affects OTRS with STORM modules: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:47.624Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-05/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-05",
"defect": [
"Ticket#2026052110000189",
"Issue#4041"
],
"discovery": "INTERNAL"
},
"title": "Wrong Permission Handling in Document Search Article Meta Filters",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48191",
"datePublished": "2026-06-01T03:32:47.624Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:18:59.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48190 (GCVE-0-2026-48190)
Vulnerability from nvd – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
VLAI
Title
Incorrect handling of permissions in External Interface Config Item List module
Summary
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:18:28.357530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:18:37.055Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"External Interface",
"ConfigItem List"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and \u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:53.621Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-04/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-04",
"defect": [
"Ticket#2026052110000171",
"Issue#3939"
],
"discovery": "USER"
},
"title": "Incorrect handling of permissions in External Interface Config Item List module",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48190",
"datePublished": "2026-06-01T03:32:53.621Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:18:37.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48189 (GCVE-0-2026-48189)
Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:14
VLAI
Title
Bypass DedicatedAgentToCustomerGroups Setting
Summary
An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:14:38.008285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:14:49.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Customer Backend"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u0026nbsp;\u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u00a0CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:03.373Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-03/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-03",
"defect": [
"Ticket#2026052110000161",
"Issue#3780"
],
"discovery": "USER"
},
"title": "Bypass DedicatedAgentToCustomerGroups Setting",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48189",
"datePublished": "2026-06-01T03:33:03.373Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:14:49.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48188 (GCVE-0-2026-48188)
Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
VLAI
Title
SQL Injection via MySQL Quote Method
Summary
An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
* (OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:17:22.840595Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:17:31.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Database Layer"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "affected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Daniel Triznafor reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u0026nbsp;database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u0026nbsp;the MySQL/MariaDB server is configured with the \u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL mode.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003cli\u003e(OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u00a0database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u00a0the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n * (OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:15.822Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-02/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-02",
"defect": [
"Ticket#2026052110000134",
"Issue#4824",
"Issue#4859"
],
"discovery": "EXTERNAL"
},
"title": "SQL Injection via MySQL Quote Method",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reconfigure\u0026nbsp;MySQL/MariaDB servernot to use\u0026nbsp;\u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL"
}
],
"value": "Reconfigure\u00a0MySQL/MariaDB servernot to use\u00a0NO_BACKSLASH_ESCAPES SQL"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48188",
"datePublished": "2026-06-01T03:33:15.822Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:17:31.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48187 (GCVE-0-2026-48187)
Vulnerability from nvd – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
VLAI
Title
Email with special content can lead to DoS
Summary
An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Please note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Unknown:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Unknown:
6.x
|
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:16:53.155447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:17:04.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Mail Backend"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unknown",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "6.x"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:\n\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:23.990Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-06/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-06",
"defect": [
"Ticket#2026052110000214",
"Issue#3890"
],
"discovery": "USER"
},
"title": "Email with special content can lead to DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48187",
"datePublished": "2026-06-01T03:33:23.990Z",
"dateReserved": "2026-05-21T07:53:13.253Z",
"dateUpdated": "2026-06-01T13:17:04.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48210 (GCVE-0-2026-48210)
Vulnerability from nvd – Published: 2026-05-31 21:11 – Updated: 2026-06-01 13:24
VLAI
Title
Possible information disclosure via External Interface
Summary
An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend
This issue affects OTRS 2026.3.1
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:24:29.483981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:24:39.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "2026.3.1"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects OTRS 2026.3.1\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\n\nThis issue affects OTRS 2026.3.1"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
},
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:42.079Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-09/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to latest version of OTRS (2026.4.1. or later).\u003cbr\u003e"
}
],
"value": "Update to latest version of OTRS (2026.4.1. or later)."
}
],
"source": {
"advisory": "OSA-2026-09",
"defect": [
"Ticket#2026052110000321",
"Issue#4853"
],
"discovery": "USER"
},
"title": "Possible information disclosure via External Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u0026nbsp;You will find that by Is visible for customer is a line Disabled: 1. Change it to\u0026nbsp;Disabled to 0 or remove it.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003cb\u003eCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed\u003c/b\u003e"
}
],
"value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u00a0You will find that by Is visible for customer is a line Disabled: 1. Change it to\u00a0Disabled to 0 or remove it.\u00a0\n\nCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48210",
"datePublished": "2026-05-31T21:11:25.337Z",
"dateReserved": "2026-05-21T12:12:49.646Z",
"dateUpdated": "2026-06-01T13:24:39.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6060 (GCVE-0-2026-6060)
Vulnerability from nvd – Published: 2026-04-20 18:20 – Updated: 2026-04-20 18:48
VLAI
Title
Possible DoS via SQL Box
Summary
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.3.X
Severity
4.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
Date Public
2026-04-20 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-20T18:47:46.149327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T18:48:48.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"SQL Box"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.2.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Matthias Terlinde for reporting this vulnerability"
}
],
"datePublic": "2026-04-20T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the system\u003cp\u003eThis issue affects OTRS:\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.3.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:\u00a0\n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.3.X"
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
},
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T18:20:01.664Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-01/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.3.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.3.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-01",
"defect": [
"Ticket#2025021142001359",
"Issue#3460"
],
"discovery": "USER"
},
"title": "Possible DoS via SQL Box",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Remove SQL Box from Admin Interface via System Configuration"
}
],
"value": "Remove SQL Box from Admin Interface via System Configuration"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-6060",
"datePublished": "2026-04-20T18:20:01.664Z",
"dateReserved": "2026-04-10T08:43:26.385Z",
"dateUpdated": "2026-04-20T18:48:48.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24391 (GCVE-0-2025-24391)
Vulnerability from nvd – Published: 2025-07-14 08:15 – Updated: 2025-07-14 12:58
VLAI
Title
Possible user enumeration
Summary
A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.X
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
1 reference
Impacted products
Date Public
2025-07-14 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T12:57:40.250849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T12:58:02.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.5.x",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to David Silva for reporting this vulnerability."
}
],
"datePublic": "2025-07-14T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.X"
}
],
"impacts": [
{
"capecId": "CAPEC-575",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-575 Account Footprinting"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T08:15:58.668Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-07/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.6.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"value": "Update to OTRS 2025.6.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-07",
"defect": [
"Issue#3743",
"Ticket#2024121142001403"
],
"discovery": "EXTERNAL"
},
"title": "Possible user enumeration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24391",
"datePublished": "2025-07-14T08:15:58.668Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-07-14T12:58:02.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24388 (GCVE-0-2025-24388)
Vulnerability from nvd – Published: 2025-06-16 11:29 – Updated: 2025-06-16 15:01
VLAI
Title
Unsafe handling of AJAX calls
Summary
A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x , ≤ 2025.5.1 (Patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x
|
Date Public
2025-06-16 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T14:59:52.657688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:01:06.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Admin Interface",
"Agent Interface (versions before OTRS 8)"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.5.1",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
},
{
"defaultStatus": "affected",
"modules": [
"Admin Interface",
"Agent Interface"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.0.x"
}
]
}
],
"datePublic": "2025-06-16T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T11:29:20.295Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-06/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.5.2. or later. Please note that there will be no OTRS 7 patches and that impact for OTRS 7 and prior is higher."
}
],
"value": "Update to OTRS 2025.5.2. or later. Please note that there will be no OTRS 7 patches and that impact for OTRS 7 and prior is higher."
}
],
"source": {
"advisory": "OSA-2025-06",
"defect": [
"Issue#3738"
],
"discovery": "USER"
},
"title": "Unsafe handling of AJAX calls",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24388",
"datePublished": "2025-06-16T11:29:20.295Z",
"dateReserved": "2025-01-21T09:09:58.720Z",
"dateUpdated": "2025-06-16T15:01:06.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24387 (GCVE-0-2025-24387)
Vulnerability from nvd – Published: 2025-03-10 09:28 – Updated: 2025-03-10 13:12
VLAI
Title
Missing CSRF protection
Summary
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive
cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.x
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1275 - Sensitive Cookie with Improper SameSite Attribute
Assigner
References
1 reference
Impacted products
Date Public
2025-03-10 08:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T13:12:24.747437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T13:12:40.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Application Server"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.1.2",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to Alissa Kim for reporting this vulnerability."
}
],
"datePublic": "2025-03-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\u003cbr\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.x \u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\n\u00a0\n\nThis issue affects:\n\n * OTRS 7.0.X\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.x"
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1275",
"description": "CWE-1275: Sensitive Cookie with Improper SameSite Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T09:28:31.053Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-05",
"defect": [
"Issue#3080",
"Ticket#2024110542002023"
],
"discovery": "EXTERNAL"
},
"title": "Missing CSRF protection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24387",
"datePublished": "2025-03-10T09:28:31.053Z",
"dateReserved": "2025-01-21T09:09:58.720Z",
"dateUpdated": "2025-03-10T13:12:40.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24390 (GCVE-0-2025-24390)
Vulnerability from nvd – Published: 2025-01-27 05:59 – Updated: 2025-02-12 20:01
VLAI
Title
Missing Cookie Flags
Summary
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Assigner
References
1 reference
Impacted products
Date Public
2025-01-27 08:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:22:30.624532Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:13.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"OTRS Application Server",
"Reverse Proxy"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to Alissa Kim for reporting this vulnerability."
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X"
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-614",
"description": "CWE-614 Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:59:20.511Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-04/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-04",
"defect": [
"Issue#3079",
"Ticket#2024110542002023"
],
"discovery": "EXTERNAL"
},
"title": "Missing Cookie Flags",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24390",
"datePublished": "2025-01-27T05:59:20.511Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-02-12T20:01:13.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24389 (GCVE-0-2025-24389)
Vulnerability from nvd – Published: 2025-01-27 05:59 – Updated: 2025-02-12 20:41
VLAI
Title
SMTP Password will be shown in cleartext on some SMTP errors
Summary
Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x , ≤ 6.0.34
(All)
|
Date Public
2025-01-27 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:23:23.051987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:31.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"SMTP Sending Module"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"SMTP Sending Module"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.34",
"status": "affected",
"version": "6.0.x",
"versionType": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OTRS needs to be configured to use SMTP modules instead of sendmail"
}
],
"value": "OTRS needs to be configured to use SMTP modules instead of sendmail"
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eCertain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-545",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-545 Pull Data from System Resources"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:59:01.064Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-03/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUpdate to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eOptional: Use MTA based sending on the OTRS instance e.g. postfix\u003c/div\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches. \n\nOptional: Use MTA based sending on the OTRS instance e.g. postfix"
}
],
"source": {
"advisory": "OSA-2025-03",
"defect": [
"Issue#3185",
"Ticket#2024112142001941"
],
"discovery": "USER"
},
"title": "SMTP Password will be shown in cleartext on some SMTP errors",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use a local MTA for sending instead of SMTP configuration within OTRS"
}
],
"value": "Use a local MTA for sending instead of SMTP configuration within OTRS"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24389",
"datePublished": "2025-01-27T05:59:01.064Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-02-12T20:41:31.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43446 (GCVE-0-2024-43446)
Vulnerability from nvd – Published: 2025-01-27 05:58 – Updated: 2025-02-12 20:41
VLAI
Title
Improper check of permissions in Generic Interface
Summary
An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x , < 2025.1.x (Patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x , ≤ 6.0.34
(All)
|
Date Public
2025-01-27 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43446",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:36:20.253690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:31.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Generic Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThan": "2025.1.x",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
},
{
"defaultStatus": "affected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.34",
"status": "affected",
"version": "6.0.x",
"versionType": "All"
}
]
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. \u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. \n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:58:29.271Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-02/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-02",
"defect": [
"Issue#3124",
"Ticket#2024081942000891"
],
"discovery": "USER"
},
"title": "Improper check of permissions in Generic Interface",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2024-43446",
"datePublished": "2025-01-27T05:58:29.271Z",
"dateReserved": "2024-08-13T13:38:47.973Z",
"dateUpdated": "2025-02-12T20:41:31.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43445 (GCVE-0-2024-43445)
Vulnerability from nvd – Published: 2025-01-27 05:58 – Updated: 2025-02-12 20:41
VLAI
Title
Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing
Summary
A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://otrs.com/release-notes/otrs-security-advi… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x , < 2025.1.x (Patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x , ≤ 6.0.34
(All)
|
Date Public
2025-01-27 08:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:36:30.418831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:31.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThan": "2025.1.x",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.34",
"status": "affected",
"version": "6.0.x",
"versionType": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to Alissa Kim for reporting this vulnerability."
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header \u003ccode\u003eX-Content-Type-Options\u003c/code\u003e to \u003ccode\u003enosniff\u003c/code\u003e. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. \n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-148",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-148 Content Spoofing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:58:11.722Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-01/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-01",
"defect": [
"Issue#1708",
"Ticket#2024110542002023"
],
"discovery": "USER"
},
"title": "Missing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2024-43445",
"datePublished": "2025-01-27T05:58:11.722Z",
"dateReserved": "2024-08-13T13:38:47.973Z",
"dateUpdated": "2025-02-12T20:41:31.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-48187 (GCVE-0-2026-48187)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
VLAI
Title
Email with special content can lead to DoS
Summary
An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Please note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Unknown:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Unknown:
6.x
|
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:16:53.155447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:17:04.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Mail Backend"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unknown",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "6.x"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"value": "An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS:\n\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x, OTRS 7.x and products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:23.990Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-06/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-06",
"defect": [
"Ticket#2026052110000214",
"Issue#3890"
],
"discovery": "USER"
},
"title": "Email with special content can lead to DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48187",
"datePublished": "2026-06-01T03:33:23.990Z",
"dateReserved": "2026-05-21T07:53:13.253Z",
"dateUpdated": "2026-06-01T13:17:04.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48188 (GCVE-0-2026-48188)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:17
VLAI
Title
SQL Injection via MySQL Quote Method
Summary
An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
* (OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:17:22.840595Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:17:31.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Database Layer"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "affected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Daniel Triznafor reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u0026nbsp;database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u0026nbsp;the MySQL/MariaDB server is configured with the \u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL mode.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003cli\u003e(OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition\u00a0database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if\u00a0the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n * (OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:15.822Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-02/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-02",
"defect": [
"Ticket#2026052110000134",
"Issue#4824",
"Issue#4859"
],
"discovery": "EXTERNAL"
},
"title": "SQL Injection via MySQL Quote Method",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reconfigure\u0026nbsp;MySQL/MariaDB servernot to use\u0026nbsp;\u003ccode\u003eNO_BACKSLASH_ESCAPES\u003c/code\u003e SQL"
}
],
"value": "Reconfigure\u00a0MySQL/MariaDB servernot to use\u00a0NO_BACKSLASH_ESCAPES SQL"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48188",
"datePublished": "2026-06-01T03:33:15.822Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:17:31.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48189 (GCVE-0-2026-48189)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:33 – Updated: 2026-06-01 13:14
VLAI
Title
Bypass DedicatedAgentToCustomerGroups Setting
Summary
An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:14:38.008285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:14:49.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Customer Backend"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u0026nbsp;\u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and\u00a0CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:03.373Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-03/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-03",
"defect": [
"Ticket#2026052110000161",
"Issue#3780"
],
"discovery": "USER"
},
"title": "Bypass DedicatedAgentToCustomerGroups Setting",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48189",
"datePublished": "2026-06-01T03:33:03.373Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:14:49.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48190 (GCVE-0-2026-48190)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
VLAI
Title
Incorrect handling of permissions in External Interface Config Item List module
Summary
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:18:28.357530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:18:37.055Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"External Interface",
"ConfigItem List"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and \u003ccode\u003eCustomerGroupSupport\u003c/code\u003e\u0026nbsp;has to be used to be affected.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport\u00a0has to be used to be affected.\n\nThis issue affects OTRS: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:53.621Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-04/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-04",
"defect": [
"Ticket#2026052110000171",
"Issue#3939"
],
"discovery": "USER"
},
"title": "Incorrect handling of permissions in External Interface Config Item List module",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48190",
"datePublished": "2026-06-01T03:32:53.621Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:18:37.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48191 (GCVE-0-2026-48191)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:18
VLAI
Title
Wrong Permission Handling in Document Search Article Meta Filters
Summary
An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.
This issue affects OTRS with STORM modules:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:18:50.061709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:18:59.494Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Document Search Article Meta Filters"
],
"packageName": "STORM",
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "unknown",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS with STORM modules: \u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them.\n\nThis issue affects OTRS with STORM modules: \n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:47.624Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-05/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-05",
"defect": [
"Ticket#2026052110000189",
"Issue#4041"
],
"discovery": "INTERNAL"
},
"title": "Wrong Permission Handling in Document Search Article Meta Filters",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48191",
"datePublished": "2026-06-01T03:32:47.624Z",
"dateReserved": "2026-05-21T07:53:13.254Z",
"dateUpdated": "2026-06-01T13:18:59.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48208 (GCVE-0-2026-48208)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
VLAI
Title
Denial-of-Service via SVG Rendering in Ticket
Summary
An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X
Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x Affected: 2026.x , ≤ 2026.3.x (patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48208",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:19:13.837405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:19:22.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Agent Frontend",
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.3.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
},
{
"defaultStatus": "affected",
"modules": [
"Agent Frontend",
"External Interface"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Daniel Triznafor reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.4.X\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent or customer. The issue can be exploited without JavaScript execution and is not mitigated by the configured Content Security Policy (CSP).\n\nThis issue affects OTRS:\n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.4.X\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-791",
"description": "CWE-791 Incomplete Filtering of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:38.926Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-07/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.4.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-07",
"defect": [
"Ticket#2026052110000251",
"Issue#4802"
],
"discovery": "EXTERNAL"
},
"title": "Denial-of-Service via SVG Rendering in Ticket",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48208",
"datePublished": "2026-06-01T03:32:38.926Z",
"dateReserved": "2026-05-21T12:12:49.645Z",
"dateUpdated": "2026-06-01T13:19:22.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48209 (GCVE-0-2026-48209)
Vulnerability from cvelistv5 – Published: 2026-06-01 03:32 – Updated: 2026-06-01 13:19
VLAI
Title
Reflected XSS in authenticated agent context
Summary
An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.
This issue affects OTRS:
* 7.0.x
Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
|
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.x
|
Date Public
2026-06-01 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:19:36.979966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:19:45.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
}
]
},
{
"defaultStatus": "affected",
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects OTRS:\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.x\u003c/li\u003e\u003c/ul\u003ePlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n * 7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:32:28.473Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-08",
"defect": [
"Ticket#2026052110000287",
"Ticket#2026041442001606"
],
"discovery": "EXTERNAL"
},
"title": "Reflected XSS in authenticated agent context",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48209",
"datePublished": "2026-06-01T03:32:28.473Z",
"dateReserved": "2026-05-21T12:12:49.645Z",
"dateUpdated": "2026-06-01T13:19:45.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48210 (GCVE-0-2026-48210)
Vulnerability from cvelistv5 – Published: 2026-05-31 21:11 – Updated: 2026-06-01 13:24
VLAI
Title
Possible information disclosure via External Interface
Summary
An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend
This issue affects OTRS 2026.3.1
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Date Public
2026-06-01 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T13:24:29.483981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:24:39.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "2026.3.1"
}
]
}
],
"datePublic": "2026-06-01T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects OTRS 2026.3.1\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the \u201cIs visible for customer\u201d flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend\n\nThis issue affects OTRS 2026.3.1"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
},
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T03:33:42.079Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-09/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to latest version of OTRS (2026.4.1. or later).\u003cbr\u003e"
}
],
"value": "Update to latest version of OTRS (2026.4.1. or later)."
}
],
"source": {
"advisory": "OSA-2026-09",
"defect": [
"Ticket#2026052110000321",
"Issue#4853"
],
"discovery": "USER"
},
"title": "Possible information disclosure via External Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u0026nbsp;You will find that by Is visible for customer is a line Disabled: 1. Change it to\u0026nbsp;Disabled to 0 or remove it.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003cb\u003eCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed\u003c/b\u003e"
}
],
"value": "Go to Forms###AgentFrontend::TicketArticle::Action::Forward in System Configuration.\u00a0You will find that by Is visible for customer is a line Disabled: 1. Change it to\u00a0Disabled to 0 or remove it.\u00a0\n\nCaution: Still the user has to check the checkbox on forwarding and uncheck it if needed"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-48210",
"datePublished": "2026-05-31T21:11:25.337Z",
"dateReserved": "2026-05-21T12:12:49.646Z",
"dateUpdated": "2026-06-01T13:24:39.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6060 (GCVE-0-2026-6060)
Vulnerability from cvelistv5 – Published: 2026-04-20 18:20 – Updated: 2026-04-20 18:48
VLAI
Title
Possible DoS via SQL Box
Summary
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:
* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.3.X
Severity
4.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
Date Public
2026-04-20 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-20T18:47:46.149327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T18:48:48.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"SQL Box"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"status": "affected",
"version": "2025.x"
},
{
"lessThanOrEqual": "2026.2.x",
"status": "affected",
"version": "2026.x",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to Matthias Terlinde for reporting this vulnerability"
}
],
"datePublic": "2026-04-20T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the system\u003cp\u003eThis issue affects OTRS:\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e7.0.X\u003c/li\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003e2024.X\u003c/li\u003e\u003cli\u003e2025.X\u003c/li\u003e\u003cli\u003e2026.X before 2026.3.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:\u00a0\n\n * 7.0.X\n * 8.0.X\n * 2023.X\n * 2024.X\n * 2025.X\n * 2026.X before 2026.3.X"
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
},
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T18:20:01.664Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-01/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2026.3.1. or later. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2026.3.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2026-01",
"defect": [
"Ticket#2025021142001359",
"Issue#3460"
],
"discovery": "USER"
},
"title": "Possible DoS via SQL Box",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Remove SQL Box from Admin Interface via System Configuration"
}
],
"value": "Remove SQL Box from Admin Interface via System Configuration"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2026-6060",
"datePublished": "2026-04-20T18:20:01.664Z",
"dateReserved": "2026-04-10T08:43:26.385Z",
"dateUpdated": "2026-04-20T18:48:48.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24391 (GCVE-0-2025-24391)
Vulnerability from cvelistv5 – Published: 2025-07-14 08:15 – Updated: 2025-07-14 12:58
VLAI
Title
Possible user enumeration
Summary
A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.X
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
1 reference
Impacted products
Date Public
2025-07-14 07:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T12:57:40.250849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T12:58:02.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"External Interface"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.5.x",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Special thanks to David Silva for reporting this vulnerability."
}
],
"datePublic": "2025-07-14T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.X\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.X"
}
],
"impacts": [
{
"capecId": "CAPEC-575",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-575 Account Footprinting"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T08:15:58.668Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-07/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.6.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"value": "Update to OTRS 2025.6.1. or later. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-07",
"defect": [
"Issue#3743",
"Ticket#2024121142001403"
],
"discovery": "EXTERNAL"
},
"title": "Possible user enumeration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24391",
"datePublished": "2025-07-14T08:15:58.668Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-07-14T12:58:02.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24388 (GCVE-0-2025-24388)
Vulnerability from cvelistv5 – Published: 2025-06-16 11:29 – Updated: 2025-06-16 15:01
VLAI
Title
Unsafe handling of AJAX calls
Summary
A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x Affected: 2025.x , ≤ 2025.5.1 (Patch) |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x
|
Date Public
2025-06-16 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T14:59:52.657688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:01:06.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Admin Interface",
"Agent Interface (versions before OTRS 8)"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.5.1",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
},
{
"defaultStatus": "affected",
"modules": [
"Admin Interface",
"Agent Interface"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "6.0.x"
}
]
}
],
"datePublic": "2025-06-16T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T11:29:20.295Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-06/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.5.2. or later. Please note that there will be no OTRS 7 patches and that impact for OTRS 7 and prior is higher."
}
],
"value": "Update to OTRS 2025.5.2. or later. Please note that there will be no OTRS 7 patches and that impact for OTRS 7 and prior is higher."
}
],
"source": {
"advisory": "OSA-2025-06",
"defect": [
"Issue#3738"
],
"discovery": "USER"
},
"title": "Unsafe handling of AJAX calls",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24388",
"datePublished": "2025-06-16T11:29:20.295Z",
"dateReserved": "2025-01-21T09:09:58.720Z",
"dateUpdated": "2025-06-16T15:01:06.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24387 (GCVE-0-2025-24387)
Vulnerability from cvelistv5 – Published: 2025-03-10 09:28 – Updated: 2025-03-10 13:12
VLAI
Title
Missing CSRF protection
Summary
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive
cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* OTRS 2025.x
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1275 - Sensitive Cookie with Improper SameSite Attribute
Assigner
References
1 reference
Impacted products
Date Public
2025-03-10 08:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T13:12:24.747437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T13:12:40.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Application Server"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
},
{
"lessThanOrEqual": "2025.1.2",
"status": "affected",
"version": "2025.x",
"versionType": "Patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to Alissa Kim for reporting this vulnerability."
}
],
"datePublic": "2025-03-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\u003cbr\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003cli\u003eOTRS 2025.x \u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive \ncookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation.\n\u00a0\n\nThis issue affects:\n\n * OTRS 7.0.X\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n * OTRS 2025.x"
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1275",
"description": "CWE-1275: Sensitive Cookie with Improper SameSite Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T09:28:31.053Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-05/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.2.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-05",
"defect": [
"Issue#3080",
"Ticket#2024110542002023"
],
"discovery": "EXTERNAL"
},
"title": "Missing CSRF protection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24387",
"datePublished": "2025-03-10T09:28:31.053Z",
"dateReserved": "2025-01-21T09:09:58.720Z",
"dateUpdated": "2025-03-10T13:12:40.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24390 (GCVE-0-2025-24390)
Vulnerability from cvelistv5 – Published: 2025-01-27 05:59 – Updated: 2025-02-12 20:01
VLAI
Title
Missing Cookie Flags
Summary
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Assigner
References
1 reference
Impacted products
Date Public
2025-01-27 08:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:22:30.624532Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:13.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"OTRS Application Server",
"Reverse Proxy"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Special thanks to Alissa Kim for reporting this vulnerability."
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X"
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-614",
"description": "CWE-614 Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:59:20.511Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-04/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches\u003cbr\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches"
}
],
"source": {
"advisory": "OSA-2025-04",
"defect": [
"Issue#3079",
"Ticket#2024110542002023"
],
"discovery": "EXTERNAL"
},
"title": "Missing Cookie Flags",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24390",
"datePublished": "2025-01-27T05:59:20.511Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-02-12T20:01:13.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24389 (GCVE-0-2025-24389)
Vulnerability from cvelistv5 – Published: 2025-01-27 05:59 – Updated: 2025-02-12 20:41
VLAI
Title
SMTP Password will be shown in cleartext on some SMTP errors
Summary
Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OTRS AG | OTRS |
Affected:
7.0.x
Affected: 8.0.x Affected: 2023.x Affected: 2024.x |
|
| OTRS AG | ((OTRS)) Community Edition |
Affected:
6.0.x , ≤ 6.0.34
(All)
|
Date Public
2025-01-27 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:23:23.051987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:31.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"SMTP Sending Module"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "7.0.x"
},
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"status": "affected",
"version": "2024.x"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"SMTP Sending Module"
],
"product": "((OTRS)) Community Edition",
"vendor": "OTRS AG",
"versions": [
{
"lessThanOrEqual": "6.0.34",
"status": "affected",
"version": "6.0.x",
"versionType": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OTRS needs to be configured to use SMTP modules instead of sendmail"
}
],
"value": "OTRS needs to be configured to use SMTP modules instead of sendmail"
}
],
"datePublic": "2025-01-27T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eCertain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cp\u003eThis issue affects: \u003c/p\u003e\u003cul\u003e\u003cli\u003eOTRS 7.0.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003eOTRS 8.0.X\u003c/li\u003e\u003cli\u003eOTRS 2023.X\u003c/li\u003e\u003cli\u003eOTRS 2024.X\u003cbr\u003e\u003c/li\u003e\u003cli\u003e((OTRS)) Community Edition: 6.0.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cdiv\u003eProducts based on the ((OTRS)) Community Edition also very likely to be affected\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator.\n\nThis issue affects: \n\n * OTRS 7.0.X\n\n * OTRS 8.0.X\n * OTRS 2023.X\n * OTRS 2024.X\n\n * ((OTRS)) Community Edition: 6.0.x\n\nProducts based on the ((OTRS)) Community Edition also very likely to be affected"
}
],
"impacts": [
{
"capecId": "CAPEC-545",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-545 Pull Data from System Resources"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T05:59:01.064Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2025-03/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUpdate to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eOptional: Use MTA based sending on the OTRS instance e.g. postfix\u003c/div\u003e"
}
],
"value": "Update to OTRS 2025.1.x. Please note that there will be no OTRS 7 patches. \n\nOptional: Use MTA based sending on the OTRS instance e.g. postfix"
}
],
"source": {
"advisory": "OSA-2025-03",
"defect": [
"Issue#3185",
"Ticket#2024112142001941"
],
"discovery": "USER"
},
"title": "SMTP Password will be shown in cleartext on some SMTP errors",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use a local MTA for sending instead of SMTP configuration within OTRS"
}
],
"value": "Use a local MTA for sending instead of SMTP configuration within OTRS"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2025-24389",
"datePublished": "2025-01-27T05:59:01.064Z",
"dateReserved": "2025-01-21T09:09:58.721Z",
"dateUpdated": "2025-02-12T20:41:31.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}